Three of the four of Stuxnet used vulnerabilities, Microsoft has already patched, but the fourth is for still no update available. Now, a circulating exploit the web, the remaining gap in the Windows Task Scheduler exploited to access protected system directories - even if the user is logged on with limited rights only. Experts speak of Privilege Escalation. The Stuxnet worm set new standards by four unpatched security holes in Windows, in his attempt exploiting certain industrial control systems, the connection with the uranium enrichment are probably used to sabotage. According web DEViL, the developer of the exploits performed the demo on Windows Vista pest, 7 and Server 2008, his service in both the 32 - and in the 64-bit editions.

To allow an attacker to take over the gap to the higher rights, he can inject code into the first system of its victim and run. In this case, he has already long since numerous possibilities for hiding permanently in the foreign system and to listen in while surfing around websites such as online banking. Admin rights that demands a program on Windows 7 and Vista on the UAC dialog are still necessary, especially for low-level actions such as installing a rootkit. So far it is unclear when and Microsoft that will include a patch security hole if. The next scheduled patch day is the 14th of December this year scheduled for.