Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Stuxnet-Abused .LNK Security Flaw Eventually Patched

A security fix for .LNK flaw issued in 2010 couldn't really safeguard Windows computers as the notorious Stuxnet worm exploited the flaw. However, the software giant has finally patched the vulnerability that had been exposing users to attack codes from 5-yrs back, published threatpost.com dated March 10, 2015.

Computers had been clandestinely infected following repeated exploitation of the greatly-recorded security flaw even when the PCs were offline like it happened with PCs at the uranium enrichment plant of Natanz, Iran which the Stuxnet infected.

In addition to Stuxnet developers, another gang having connection with the U.S. National Security Agency understandably abused the .LNK vulnerability. This gang of hackers called Equation Group is highly advanced. Whilst attack codes from the state-backed Equation Group wouldn't any more work on computers which had the MS10-046 security fix, it cannot be determined whether the mentioned hackers' cabals recreated their attack codes for circumventing the update. It cannot further be determined whether other cabals uncovered as well as exploited the flaw.

According to Lead Researcher Brian Gorenc associated with the Zero-Day Initiative of HP, one needs to wait for seeing if the vulnerability is getting abused during the passage of time. The Initiative was the first to inform Microsoft about the flaw. Gorenc says he can't believe that someone wasn't aware of the vulnerability before its patch got released this 10th of March 2015. Arstechnica.com reported this, March 10, 2015.

The latest declaration comes when the Security Analyst Summit by Kaspersky in February 2015 researched to find the existence of Equation APT gang that has been associated with Flame, Stuxnet along with other advanced assault components, while exploited the identical .LNK flaw.

Equation's malware kit most intensely contains Fanny, a virus preceding Stuxnet. It abuses twin 0-day flaws that Stuxnet later abused, one of which is the .LNK attack code. The attackers using Fanny infected sensitive computers, passing from one contaminated PC to another through USB detachable devices.

Microsoft remarked: the flaw was completely new which needed one fresh security update. While the company's 2010 patch fixed the Stuxnet-abused flaw, with technology forever evolving, cyber-criminals' methodologies too changed.

ยป SPAMfighter News - 3/20/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page