Stuxnet and the Windows fault : industrial systems affected

The Stuxnet worm which exploits a fault in the Windows Shell, affecting all Windows operating systems, is also targeting industrial systems.

Microsoft may perhaps not wait for the next Patch Tuesday to correct the fault affecting Windows Shell, as this fault affects links displayed in Windows leading to processes being launched via .lnk files.

It is possible that Microsoft will release an emergency patch as reported attacks are multiplying, with the Stuxnet computer worm spreading wildly (mainly through USB Flash drives), leading to an increased number of infections in industrial systems.

Stuxnet is used to attack targets identified as SCADA systems. SCADA, for Supervisory Control And Data Acquisition, is a data monitoring and acquisition system present in a diverse range of industrial fields.

According to ESET Virus Lab, the worm is particularly active in the United States and Iran. ESET’s analysis laboratory’s manager, Juraj Malcho believes that this is a typical example of a targeted attack using a 0-day fault and an "example of computer assisted industrial spying".

Industrial espionage isn’t really a risk to the home user. Nevertheless, ESET predicts an evolution in the malicious software families which will exploit the Windows Shell issue.