Vulnerability Management

Vulnerability exploited by Stuxnet still a threat

Despite being patched four years ago by Microsoft, a vulnerability in XP, Vista, Windows 7, and Windows Server 2003/2008 that Stuxnet exploits is still around and kicking, according to researchers at Kaspersky Lab.

Stuxnet was first discovered in June 2010 and by the beginning of August that same year, Microsoft had issued a patch for the CVE 2010-2658 vulnerability, which should have closed the book on it. But Kaspersky's systems continue to “register millions of instances” of malware exploiting the vulnerability. 

During the period between November 2013 and June 2014 when the security team was conducting its research, more than 19 million users, primarily in Vietnam (42.45 percent), and India (11.7 percent), encountered the threat.

Kaspersky attributes the ongoing threat to “poorly maintained servers without regular updates or a security solution installed.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.