Incomplete Microsoft Patch Left Machines Exposed To Stuxnet LNK Vulnerability

Discussion in 'Technical' started by sec_monkey, Mar 10, 2015.

  1. sec_monkey

    sec_monkey SM Security Administrator

    A five-year-old Microsoft patch for the .LNK vulnerability exploited by Stuxnet failed to properly protect Windows machines, leaving them exposed to exploits since 2010. Microsoft today is expected to release a security bulletin, MS15-020, patching the vulnerability (CVE-2015-0096). It is unknown whether there have been public exploits of patched machines. The original LNK patch was released Aug. 2, 2010. "That patch didn't completely address the .LNK issue in the Windows shell, and there were weaknesses left behind that have been resolved in this patch," said Brian Gorenc, manager of vulnerability research with HP's Zero Day Initiative. Gorenc said the vulnerability works on Windows machines going back to Windows XP through Windows 8.1, and the proof of concept exploit developed by Heerklotz and tweaked by ZDI evades the validation checks put in place by the original Microsoft security bulletin, CVE-2010-2568.
  2. Motomom34

    Motomom34 Monkey+++

    I got two updates on my laptop this morning. The second one said it was downloading but went into an indefinite spin. I stopped it after about 45 minutes. Is this what the post above was about?