Exploit code for one of the zero-day vulnerabilities exploited by the Stuxnet worm has made its way online. There is still no patch currently available for the flaw, though Microsoft said one is forthcoming.
The code exploits a Windows Task Scheduler vulnerability and can be used to escalate privileges. The exploit code was added to the Exploit Database operated by Offensive Security.
The vulnerability was one of four zero-days used by the malware in its bid to compromise industrial control systems. The three others have all been patched since the worm was discovered this summer.
Researchers have spent the last several months trying to get to the bottom of the Stuxnet worm. Just recently, Symantec reported evidence that it targets frequency converter drives used to control the speed of motors and that the actual goal of the worm may be to disrupt nuclear programmes. In particular, speculation has focused on Iran as a possible target, as it has been the site of many of Stuxnet’s infections.
Among the other zero-days Stuxnet has been observed using are the .LNK shortcut vulnerability, patched in August; a vulnerability in the Windows Print Spooler service (MS10-061), patched in September; and another privilege escalation issue (MS10-073), patched in a massive update in October.
Early versions of the worm also spread without a vulnerability at all; instead abusing Windows’ AutoRun feature to compromise machines through infected USB devices.
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
New chapter for LastPass as it becomes an independent company to focus on cybersecurity, after…
US FCC seeks to ban Chinese telecom firms at centre of national security concerns from…
Two updates to Anthropic's AI chatbot Claude sees arrival of a new business-focused plan, as…