Code to exploit the zero-day .lnk file vulnerability (BID 43073) used by Stuxnet was added to the threat around March 2010; we know this because the samples we observed before this date did not contain code to exploit that vulnerability.
Related Posts
- Worm Poses as a Font File, Uses LNK Vulnerability to Propagate
We recently encountered a malware posing as a legitimate font file. Detected as WORM_OTORUN.ASH, the worm is a .DLL file that uses .FON as extension name. To propagate, it drops copies of itself into ... - Stuxnet Print Spooler Zero-Day Vulnerability not a Zero-Day at All?
We have been made aware of a recent blog posting pointing to the fact that the print spooler vulnerability used by W32.Stuxnet and addressed in the Microsoft Windows Print Spooler Service Remote Code ... - Microsoft patches .lnk vulnerability
Microsoft has posted an out-of-band patch for the .lnk vulnerability (CVE-2010-2568) that was widely exploited after it was made public two weeks ago. The company announced Friday that the patch woul... - Microsoft will do out-of-band patch for .lnk vulnerability
On MondayMicrosoft has announced that it will make public an out-of-band patch to fix the high-profile .lnk file vulnerability (CVE-2010-2568).Holly Stewart, MMPC, wrote today: “As mentioned earlier t... - Protection for New Malware Families Using .LNK Vulnerability
We’ve added detection for two new malware families using the vulnerability described in SA2286198. The first, Win32/Vobfus, is actually a family of obfuscated worms that has been around since 20... - autorun.inf and .lnk Malware (NOT ‘Vulnerability in Windows Shell Could Allow Remote Code Execution’ 2286198), (Wed, Jul 21st)
Note that this malware does NOT exploit 'Vulnerability in Windows Shell Could Allow Remote Code Execution' 2286198. It simply uses the autorun.inf to launch the executable, or waits for the user to do... - ePing Arbitrary File CreationCommand Execution Vulnerability
OS2A ID: OS2A_1001 Status Published: 08/04/2005 Updated : 08/05/2005 Patch Released Class: File Creation/Command Execution Severity: CRITICAL Overview: ePing is a ping utility plugin for e107... - Firefox 4 gets its first security update
Yesterday, five weeks after shipping Firefox 4, the Mozilla project published the new browser's first-ever security update. The Firefox version number bumps up to 4.0.1.The update fixes 50-odd bugs in... - WordPress 3.1.2 released – Security fixes
The WordPress team just released a new version of WordPress (3.1.2) to fix a security issue where contributor-level users were allowed to publish posts. It is a small release, and everyone using WordP... - PlayStation Network hacked: Personal data of up to 70 million people stolen
Users of Sony's PlayStation Network are at risk of identity theft after hackers broke into the system, and accessed the personal information of videogame players. The implications of the hack, which r...
