The second time Microsoft has released an update to protect against the Stuxnet virus
Five years later, after Microsoft has released an update for Windows that protects the operating system from the computer worm Stuxnet, the company again did the same thing. The reason is that the first update really wasn’t enough and the Windows were left vulnerable for another five years.
Infamous computer Stuxnet was discovered in 2010. He is considered the first cyber weapon used by one state against another. Stuxnet was designed to attack special equipment in nuclear power plants in Iran, and for this purpose they used a hole in Windows security.
It is believed that Stuxnet managed to disable at least one-fifth of the centrifuges for processing uranium for Iranian plants, thereby causing serious delay in the development of the country’s nuclear program. Despite specific spread via USB flash drives Stuxnet was discovered on other computers outside Iran.
The new update should solve the problem completely. It is part of the traditional «Tuesday patches», under which Microsoft issues monthly updates of its products. Patch for Stuxnet is defined as the most important update in the newsletter this month.
In the software package also includes several other updates that have a status of «critical» and recommended for immediate installation. Among them a patch that aims to eliminate the recently discovered problem FREAK. It allows hackers to send commands to the operating system via Internet Explorer to use lower levels of encryption in HTTPS-connection, which was considered already long ago forgotten. It appears, however, that this type of encryption is still in use and there are ways to activate it as the main one. This allows hackers to obtain information that is exchanged between the website and the user.
In the last «Tuesday patches» Microsoft has released and other updates for security. One of them is related to Internet Explorer and affects all versions from IE6 and up. It is also defined as «critical» and the software giant recommends that users and system administrators install it as soon as possible.