Stuxnet-Abused .LNK Security Flaw Eventually Patched

A security fix for .LNK flaw issued in 2010 couldn't really safeguard Windows computers as the notorious Stuxnet worm exploited the flaw. However, the software giant has finally patched the vulnerability that had been exposing users to attack codes from 5-yrs back, published threatpost.com dated March 10, 2015.

Computers had been clandestinely infected following repeated exploitation of the greatly-recorded security flaw even when the PCs were offline like it happened with PCs at the uranium enrichment plant of Natanz, Iran which the Stuxnet infected.

In addition to Stuxnet developers, another gang having connection with the U.S. National Security Agency understandably abused the .LNK vulnerability. This gang of hackers called Equation Group is highly advanced. Whilst attack codes from the state-backed Equation Group wouldn't any more work on computers which had the MS10-046 security fix, it cannot be determined whether the mentioned hackers' cabals recreated their attack codes for circumventing the update. It cannot further be determined whether other cabals uncovered as well as exploited the flaw.

According to Lead Researcher Brian Gorenc associated with the Zero-Day Initiative of HP, one needs to wait for seeing if the vulnerability is getting abused during the passage of time. The Initiative was the first to inform Microsoft about the flaw. Gorenc says he can't believe that someone wasn't aware of the vulnerability before its patch got released this 10th of March 2015. Arstechnica.com reported this, March 10, 2015.

The latest declaration comes when the Security Analyst Summit by Kaspersky in February 2015 researched to find the existence of Equation APT gang that has been associated with Flame, Stuxnet along with other advanced assault components, while exploited the identical .LNK flaw.

Equation's malware kit most intensely contains Fanny, a virus preceding Stuxnet. It abuses twin 0-day flaws that Stuxnet later abused, one of which is the .LNK attack code. The attackers using Fanny infected sensitive computers, passing from one contaminated PC to another through USB detachable devices.

Microsoft remarked: the flaw was completely new which needed one fresh security update. While the company's 2010 patch fixed the Stuxnet-abused flaw, with technology forever evolving, cyber-criminals' methodologies too changed.

» SPAMfighter News - 3/20/2015