Stuxnet been used up to four previously unknown vulnerability to run code on infected machines. This made it 100% effective against any Windows from 2000 until 7.Only administrators who had taken the utmost care would have been able to deliver the menaza.

one allowing code execution while the Auto Play and Auto Run is off. For practical purposes means that it had discovered a whole new way to run code on Windows when you insert a removable device regardless of whether they have taken all appropriate measures known so far to stop it. This helped to maximize dissemination via USB and Windows Explorer itself. It was patched by Microsoft in a news emergency.