Stuxnet worm - Advanced malware could impact industrial control systems for unpatched systems
AVERT Labs provides an informative update on highly advanced malware that could impact automation found in industrial control systems. These firms should thoroughly patch all software and scan for the presence of malware.
MS10-046: Stuxnet Advanced Malware that could impact energy firms for unpatched Windows
QUOTE: Stuxnet is a highly complex virus targeting Siemens’ SCADA software. The threat exploits a previously unpatched vulnerability in Siemens SIMATIC WinCC/STEP 7 (CVE-2010-2772) and four vulnerabilities in Microsoft Windows, two of which have been patched at this time (CVE-2010-2568, CVE-2010-2729). It also utilizes a rootkit to conceal its presence, as well as 2 different stolen digital certificates.
Stuxnet infects Windows systems in its search for industrial control systems, often generically (but incorrectly) known as SCADA systems. Industrial control systems consist of Programmable Logic Controllers (PLCs), which can be thought of as mini-computers that can be programmed from a Windows system. These PLCs contain special code that controls the automation of industrial processes—for instance, to control machinery in a plant or a factory. Programmers use software (e.g., on a Windows PC) to create code and then upload their code to the PLCs.
Windows Shell (LNK) Vulnerability - Patch by performing Windows update