Thursday, November 4, 2010

Symantec Stuxnet Update

Yesterday, Symantec published the 1.2 version of their Stuxnet Dossier. According to a blog on their site, they have still not been able to identify the actual target for Stuxnet, but they have done some additional work on the “high level the behavior of the PLC code” and have updated their Stuxnet document to include that information.

The updated information is a bit over my head (I was an ICS user not programmer), but it would certainly be of interest to control systems engineers and security experts.

The blogger, Eric Chen, notes that they would have provided some more information on the remaining zero-day vulnerability, but Microsoft has still not provided a patch/update to resolve that vulnerability (a “Task Scheduler privilege escalation vulnerability”) so Symantec will hold off until some future revision of the Dossier to explain that issue.

No comments:

/* Use this with templates/template-twocol.html */