Home Security Windows flaw that allowed Stuxnet still being exploited

A vulnerability in Microsoft's Windows operating system that was used, allegedly by the US and Israel, to plant the Stuxnet virus in Iranian nuclear plants is still among the most exploited flaws in the OS.

Microsoft issued a patch for the flaw, documented as CVE-2010-2568, back in 2010.

Data from anti-virus company Kaspersky showed that almost a quarter of Windows users who experienced a threat to their systems in 2016 were faced by exploits of this flaw.

It said that the release of the recent batch of CIA exploits by Shadow Brokers had shown that the life of an exploit did not end once a patch was released to fix the vulnerability that it used.

"Our research suggests that threat actors are still actively and successfully exploiting vulnerabilities patched almost a decade ago," the company said, with the chart below illustrating this.

Kaspersky chart.

Kaspersky Lab also issued the following statistics about exploits in 2015-16:

  • In 2016 the number of attacks with exploits increased 24.54%, to 702,026,084 attempts to launch an exploit.
  • A total of 4,347,966 users were attacked with exploits in 2016 which is 20.85% less than in the previous year.
  • The number of corporate users who encountered an exploit at least once increased 28.35% to reach 690,557, or 15.76% of the total amount of users attacked with exploits.
  • Browsers, Windows, Android and Microsoft Office were the applications exploited most often – 69.8% of users encountered an exploit for one of these applications at least once in 2016.
  • In 2016, more than 297,000 users worldwide were attacked by unknown exploits (zero-day and heavily obfuscated known exploits).

Kaspersky found that Windows, Flash and Microsoft Office topped the list of software that was attacked in 2015-16.

kaspersky chart.

Graphics: courtesy Kaspersky Lab.


Download an in-depth guide to managing a healthy, motivated and energetic workforce without breaking the bank.


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.






Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities