A well-known Windows vulnerability remained the most widely exploited software bug in both 2015 and 2016. Kaspersky Lab says the Stuxnet worm continues to be a vulnerability of choice for many attackers. This is interesting considering the bug was patched years ago.
In its report, Kaspersky Lab says in 2015, 27 percent of its users who encountered an exploit were exposed to the Stuxnet. This critical Windows vulnerability is indexed as CVE-2010-2568. It was the highest-ranking exploit among users, the security company says.
Results for 2016 show that the use of Stuxnet dropped to 24.7 percent, but it remained the most “popular” exploit. The vulnerability is triggered through an external USB drive that is loaded with malicious content.
The code execution flaw was discovered on Windows and disclosed in July 2010. The Stuxnet vulnerability lives in functions that process .LNK files within Windows. The platform uses these files to display icons from a connected USB storage device.
Attackers can load the .LNK files with malware that will upload an infection onto a machine when the UBS device is connected.
One reason why Stuxnet because a popular exploit is because it was easy to implement and would load the malicious content onto a machine even when the autorun is turned off.
Patched but still Dangerous
Microsoft acted quickly to shore up Windows against Stuxnet with a patch in 2010. Despite this, Kaspersky Lab shows that the exploit remains very popular. While this highlights the potential longevity of the vulnerability, it does not necessarily mean it is being implemented now.
Instead, because it was so easy to load without user interaction, it has likely been living in multi-PC networks. It can spread across networks from one vulnerable machine. Kaspersky points out that this longevity shows how long lasting and robust worms are as an attack method.