[PC-BSD Testing] Would you trust the operation and security of your nuclear facility to Windows, lol?

Lars Engels lars.engels at 0x20.net
Thu Sep 23 22:31:42 PDT 2010


On Thu, Sep 23, 2010 at 07:42:54PM -0400, Ian Robinson wrote:
> Would you trust the operation and security of your nuclear facility to
> Windows, lol?
> 
> Recent news reports link Stuxnet, a highly sophisticated computer worm/root
> kit, in an attempt to destroy operations at Iran's Bushehr nuclear reactor.
> 
> 
> Stuxnet's code exploited four different unpatched Windows vulnerabilities,
> including Windows print spooler.  Microsoft had known about for at least a
> year.  "Microsoft confirmed Wednesday that it overlooked the vulnerability
> when it was revealed last year."  The code also exploits the same
> vulnerability that was used to spread the Conficker virus (a.k.a.
> Downadup).  The Stuxnet exploits other flaws and can be used by attackers to
> upgrade access privileges on compromised PCs to administrator status.  While
> Microsoft says it will patch the flaws in a future update -- Microsoft said
> last week that it has not set a timetable for the fixes.
> 
> Sources:
> 
> http://www.computerworld.com/s/article/9187300/Microsoft_confirms_it_missed_Stuxnet_print_spooler_zero_day_
> 
> http://www.pcworld.com/businesscenter/article/205827/was_stuxnet_built_to_attack_irans_nuclear_program.html
> 
> http://www.symantec.com/connect/blogs/stuxnet-introduces-first-known-rootkit-scada-devices
> 
> Picture of Facility's Control Panel showing Windows Error Message:
> http://www.upi.com/News_Photos/Features/The-Nuclear-Issue-in-Iran/1581/2/


$ egrep -i '(pcbsd)|(testing)' $your_message
$

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.pcbsd.org/pipermail/testing/attachments/20100924/0e3c4567/attachment.pgp>


More information about the Testing mailing list