Exploit released for unpatched Stuxnet hole
Microsoft has already patched three of the four security holes exploited by Stuxnet, but the fourth hole remains unpatched. Now, an exploit, currently being circulated on the web, exploits the remaining hole in the Windows Task Planner to access protected system directories – even if a user is only logged in with limited access privileges. Experts call this a privilege escalation attack.
The Stuxnet worm set new standards by attempting to exploit a total of four unpatched security holes in Windows to sabotage certain industrial control systems thought to be used in connection with Uranium enrichment processes and with power generation. According to webDEViL, who developed the exploit, the demo malware works under Windows 7, Vista and Server 2008, both in their 32-bit and in the 64-bit versions.
Attackers wanting to exploit the hole to escalate their privileges must first be able to inject code into their victims' systems and execute it there. The ability to do so already gives potential attackers numerous ways of permanently compromising a system and, for instance, tapping into online banking pages a user may access. Admin privileges, which a program under Windows 7 and Vista requests via the UAC dialogue, are mainly required for such system-related activities as installing a root kit.
It remains unclear whether, or when, Microsoft will patch this security hole. The next regular Patch Tuesday is scheduled for the 14th of December, 2010.