Microsoft Patches Stuxnet VulnerabilityBy CIOinsight | Posted 10-12-2010
Microsoft released 16 security bulletins today as part of a massive Patch Tuesday update.
The record-breaking update includes fixes for 49 security vulnerabilities affecting Windows, Internet Explorer, Microsoft Office and the .NET Framework. Mixed in with the fixes is a patch for one of the zero-day vulnerabilities used by the Stuxnet worm. According to Symantec's Joshua Talbot, Stuxnet--which targets industrial control systems--exploited a privilege escalation vulnerability in the Windows kernel-mode drivers.
"Stuxnet uses the Win32 Keyboard Layout Vulnerability to gain administrator privileges on infected computer systems," explained Talbot, security intelligence manager for Symantec Security Response. "This functionality ensures that none of the threat's malicious actions get blocked on targeted systems due to lack of permission."
The patch means there is still one zero-day used by the malware that remains open. However, the most urgent patches released today are unrelated to Stuxnet, some said.
For more, read the eWeek article Microsoft Patches Stuxnet Vulnerability in Massive Security Update.