Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Spreading havoc? (Score 2, Informative) 390

by sh0dan (#33735232) Attached to: Stuxnet Worm Claimed To Be Devastating In Iran
The first version of Stuxnet (Stuxnet-A), uses a special "autorun.inf", that has an executable at the beginning of the file (which the autorun.inf parser skips). After the executable the "proper" information for the autorun.inf add another "Open" option for the rightclick menu. Selecting this will execute the content of autorun.inf (the malware). read about it here.

The second version (Stuxnet-B or Stuxnet!lnk), uses the zero-day .lnk file vulnerability, that will automatically execute the content, when you browse the content of the USB stick.

See the links for more detail - it's quite fascinating (also from a technical perspective).

He keeps differentiating, flying off on a tangent.

Working...