ancient stuxnet flaw still being used to attack millions of windows xp pcs
Last Updated : GMT 09:07:40
Egypt Today, egypt today
Egypt Today, egypt today
Last Updated : GMT 09:07:40
Egypt Today, egypt today

Ancient stuxnet flaw still being used to attack millions of Windows XP PCs

Egypt Today, egypt today

Egypt Today, egypt today Ancient stuxnet flaw still being used to attack millions of Windows XP PCs

Windows XP PCs
Tehran - FNA

A software vulnerability exploited by cyberweapons including Stuxnet and Flame is still being used to attack millions of users around the world four years after it was patched, a Kaspersky analysis has suggested.
The firm’s analysis looked at detections of malware trying its luck against CVE 2010-2658, an important flaw discovered to be affecting Windows XP, Vista, Windows 7, Server 2002 and Server 2008 in July 2010, and whose popularity remains strangely undimmed among cybercriminals, Techworld reported.
Between November 2013 and June 2014, Kaspersky Lab detected 19 million systems encountering malware that appeared to be using exploits targeting it, 64 percent of which were running Windows XP.
The top country registering these exploits was Vietnam (42.4 percent), India (11.7 percent), Indonesia (9.4 percent), Brazil (5.5 percent) and Algeria (3.7 percent), with a clutch of other developing countries also showing high levels of XP use featuring on the list.
CVE 2010-2658 was first noticed in the Sality worm and Stuxnet attacks in 2010, and was eventually patched by Microsoft in early August. As it happens, the persistence of this flaw is probably explained by Sality, detections of which seem to coincide closely with its activity.
Conclusions? Kaspersky Lab is cagey about how many real-world attacks these ‘detections’ translate into (the exploit created malicious shortcuts that can in theory be created by other malware) but it does implies a large number of machines are probably vulnerable to it despite the widespread availability of a patch.
Many of these systems also run Windows XP and may never be properly patched against a range of known software flaws.
“Kaspersky Lab’s experts presume that most of these stem from poorly maintained servers without regular updates or a security solution installed. These servers may also be inhabited by worms that use malware exploiting this vulnerability,” said Kaspersky Lab researcher, Yuri Ilyin.
But according to Tim Erlin, security R&D director at security firm Tripwire, the figures may be an underestimate of the true scale of the problem.
“Kaspersky is only seeing part of the picture here. As a malware detection product, they have recorded and measured ‘detections of exploits’ rather than the vulnerability itself,” he said.
“They can infer from the exploit activity that the vulnerability is present, but there may be many more systems that are vulnerable, but not yet being exploited.”
Although impossible to prove, it seemed likely that the large number of detections in certain countries was related to the number of unpatched systems, he said.

 

egypttoday
egypttoday

Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

ancient stuxnet flaw still being used to attack millions of windows xp pcs ancient stuxnet flaw still being used to attack millions of windows xp pcs



 
 Egypt Today Facebook,egypt today facebook  Egypt Today Twitter,egypt today twitter Egypt Today Rss,egypt today rss  Egypt Today Youtube,egypt today youtube  Egypt Today Youtube,egypt today youtube

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

egypttoday egypttoday egypttoday egypttoday
egypttoday egypttoday egypttoday
egypttoday
بناية النخيل - رأس النبع _ خلف السفارة الفرنسية _بيروت - لبنان
egypttoday, Egypttoday, Egypttoday