[PC-BSD Testing] Would you trust the operation and security of your nuclear facility to Windows, lol?
Lars Engels
lars.engels at 0x20.net
Thu Sep 23 22:31:42 PDT 2010
On Thu, Sep 23, 2010 at 07:42:54PM -0400, Ian Robinson wrote:
> Would you trust the operation and security of your nuclear facility to
> Windows, lol?
>
> Recent news reports link Stuxnet, a highly sophisticated computer worm/root
> kit, in an attempt to destroy operations at Iran's Bushehr nuclear reactor.
>
>
> Stuxnet's code exploited four different unpatched Windows vulnerabilities,
> including Windows print spooler. Microsoft had known about for at least a
> year. "Microsoft confirmed Wednesday that it overlooked the vulnerability
> when it was revealed last year." The code also exploits the same
> vulnerability that was used to spread the Conficker virus (a.k.a.
> Downadup). The Stuxnet exploits other flaws and can be used by attackers to
> upgrade access privileges on compromised PCs to administrator status. While
> Microsoft says it will patch the flaws in a future update -- Microsoft said
> last week that it has not set a timetable for the fixes.
>
> Sources:
>
> http://www.computerworld.com/s/article/9187300/Microsoft_confirms_it_missed_Stuxnet_print_spooler_zero_day_
>
> http://www.pcworld.com/businesscenter/article/205827/was_stuxnet_built_to_attack_irans_nuclear_program.html
>
> http://www.symantec.com/connect/blogs/stuxnet-introduces-first-known-rootkit-scada-devices
>
> Picture of Facility's Control Panel showing Windows Error Message:
> http://www.upi.com/News_Photos/Features/The-Nuclear-Issue-in-Iran/1581/2/
$ egrep -i '(pcbsd)|(testing)' $your_message
$
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.pcbsd.org/pipermail/testing/attachments/20100924/0e3c4567/attachment.pgp>
More information about the Testing
mailing list