TMCnet - World's Largest Communications and Technology Community



Ancient Stuxnet Flaw Still Being Used to Attack Millions of Windows XP PCs [FARS News Agency]
[August 17, 2014]

Ancient Stuxnet Flaw Still Being Used to Attack Millions of Windows XP PCs [FARS News Agency]

(FARS News Agency Via Acquire Media NewsEdge) TEHRAN (FNA)- A software vulnerability exploited by cyberweapons including Stuxnet and Flame is still being used to attack millions of users around the world four years after it was patched, a Kaspersky analysis has suggested.

The firm's analysis looked at detections of malware trying its luck against CVE 2010-2658, an important flaw discovered to be affecting Windows XP, Vista, Windows 7, Server 2002 and Server 2008 in July 2010, and whose popularity remains strangely undimmed among cybercriminals, Techworld reported. Between November 2013 and June 2014, Kaspersky Lab detected 19 million systems encountering malware that appeared to be using exploits targeting it, 64 percent of which were running Windows XP. The top country registering these exploits was Vietnam (42.4 percent), India (11.7 percent), Indonesia (9.4 percent), Brazil (5.5 percent) and Algeria (3.7 percent), with a clutch of other developing countries also showing high levels of XP use featuring on the list. CVE 2010-2658 was first noticed in the Sality worm and Stuxnet attacks in 2010, and was eventually patched by Microsoft in early August. As it happens, the persistence of this flaw is probably explained by Sality, detections of which seem to coincide closely with its activity. Conclusions? Kaspersky Lab is cagey about how many real-world attacks these ‘detections' translate into (the exploit created malicious shortcuts that can in theory be created by other malware) but it does implies a large number of machines are probably vulnerable to it despite the widespread availability of a patch. Many of these systems also run Windows XP and may never be properly patched against a range of known software flaws. "Kaspersky Lab's experts presume that most of these stem from poorly maintained servers without regular updates or a security solution installed. These servers may also be inhabited by worms that use malware exploiting this vulnerability," said Kaspersky Lab researcher, Yuri Ilyin. But according to Tim Erlin, security R (c) 2014 Fars News Agency. All rights reserved Provided by SyndiGate Media Inc. (

[ Back To's Homepage ]

Technology Marketing Corporation

35 Nutmeg Drive Suite 340, Trumbull, Connecticut 06611 USA
Ph: 800-243-6002, 203-852-6800
Fx: 203-866-3326

General comments:
Comments about this site:


© 2018 Technology Marketing Corporation. All rights reserved | Privacy Policy