Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Polls on the front page of Slashdot? Is the world coming to an end?! Nope; read more about it. ×

Comment: Re:Spreading havoc? (Score 2, Informative) 390

by sh0dan (#33735232) Attached to: Stuxnet Worm Claimed To Be Devastating In Iran
The first version of Stuxnet (Stuxnet-A), uses a special "autorun.inf", that has an executable at the beginning of the file (which the autorun.inf parser skips). After the executable the "proper" information for the autorun.inf add another "Open" option for the rightclick menu. Selecting this will execute the content of autorun.inf (the malware). read about it here.

The second version (Stuxnet-B or Stuxnet!lnk), uses the zero-day .lnk file vulnerability, that will automatically execute the content, when you browse the content of the USB stick.

See the links for more detail - it's quite fascinating (also from a technical perspective).

"To take a significant step forward, you must make a series of finite improvements." -- Donald J. Atwood, General Motors

Working...