Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

Stuxnet Print Spooler Zero-Day Vulnerability not a Zero-Day at All?

Created: 18 Sep 2010 04:29:21 GMT • Updated: 23 Jan 2014 18:25:00 GMT • Translations available: 日本語
Liam O Murchu's picture
0 0 Votes
Login to vote

We have been made aware of a recent blog posting pointing to the fact that the print spooler vulnerability used by W32.Stuxnet and addressed in the Microsoft Windows Print Spooler Service Remote Code Execution Vulnerability was in fact known about since 2009. An article was published in a security magazine that showed how the vulnerability worked in late 2009. We are currently investigating this; however, from our initial review of that article it appears to do exactly what Stuxnet does when exploiting the Print Spooler vulnerability. We will update this article with more information shortly.

Update: We have confirmed with Microsoft that this issue is indeed one that was patched with the release of Microsoft Security Bulletin MS10-061.