As we all know that in computer security, a vulnerability is a weakness which allows an attacker to reduce a system’s information assurance. Hence, a Six-year-old patched Stuxnet malware remains the internet’s chief pwning vector, which is the key instrument of the world’s dangerous exploit kit known as Angler.
Stuxnet Is Still The Popular Vulnerability Used By HackersAccording to the experts of the tech giant Microsoft, a six-year-old vulnerability exploited by the attackers to spread malware Stuxnet, which is still the main vector of cyber attacks and the key instrument in the set of popular exploits Angler. Hence, the number of Windows systems worldwide hit with malware infection attempts in the second half of last year jumped by nearly 6% over the earlier year to the 20%.
Various malware groups exploit the vulnerability but the users would be most likely to encounter it when confronted with the popular exploits Angler which has maintained its dominance in the crimeware market since the passing of Black Hole in 2013.
The critical vulnerability CVE-2010-2568 affects the Microsoft Windows products and allows attackers to compromise the vulnerable system. The problem is caused due to insufficient treatment of certain parameters in the Windows Shell when processing shortcuts (.lnk or .pif) during the connection icon. This can be exploited via a specially crafted shortcut to execute arbitrary code on the system.
The vulnerability is known and has been well fixed ever since it became known about the powerful malware the Stuxnet, which infected the systems of uranium enrichment plant in the Iranian city of Natanz.
According to the reports, the Security Intelligence Reports to the tech giant Microsoft, as of the first half of 2015, and this vulnerability was the most popular among hackers. Typically, the malware Stuxnet was identified as a representative of Win32 / CplLnk family, however, they were recorded and the vulnerability affects the versions of Windows 8 and above.
The same report also says that in the past year hackers have preferred sets of exploits (exploit kits) over other methods of propagation of malicious code that allows you to automate the process of infection. The most popular family of malware was Win32 / Gamarue, one of the largest and oldest botnets. Also, a growing number of potentially unwanted applications and phishing attacks against financial institutions. In response to this, from 74.3% to 77.1% increase in the number of users working with real-time security applications.
As the Redmond company says that “high and medium -severity holes represented about 40 percent and 50 percent of all holes disclosed in the latter six months of last year compared to earlier months, the number of the former surging by 41.7 percent over the period”.