Stuxnet Reference Material
The following material was compiled from a variety of relability sources, and contains information covering the various aspects of the Win32.Stuxnet worm.
The following material was compiled from a variety of relability sources, and contains information covering the various aspects of the Win32.Stuxnet worm.
How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History - Kim Zetter - Threat Level/Wired
Summing Up Stuxnet in Four Easy Sections
What Does Stuxnet Mean for ICS (presentation)
Win32.Stuxnet Dossier - Symantec
Symantec Blog on Stuxnet
Stuxnet Under the Microscope - ESET
Roger Langner's Site
Code-Signing Best Practices by Microsoft
Stuxnet Malware Analysis - Amr Thabet - published Sept. 9, 2011 (website, MrxNet.sys source)
Stuxnet Expert: Analysis Shows Design Flaw, Not Vulnerability Sunk Siemens - ThreatPost - published Jan. 19, 2012 (Langner presents new findings at 2012 S4)
USB Malware Targeting Siemens Control Software
(Initial Release)
USB Malware Targeting Siemens Control Software (Rev A)
USB Malware Targeting Siemens Control Software (Rev B)
USB Malware Targeting Siemens Control Software (Rev C)
Stuxnet Malware Mitigation (Initial Release)
Stuxnet Malware Mitigation (Rev A)
Stuxnet Malware Mitigation (Rev B)
Primary Stuxnet Indicators
Windows Server Service RPC Handling Remote Code
Execution Vulnerability (MS08-067)
Windows Shortcut 'LNK/PIF' Files Automatic File Execution Vulnerability
(MS10-043)
Windows Print Spooler Service Remote Code Execution Vulnerability
(MS10-061)
Windows 'NtUserCheckAccessForIntegrityLevel' Local Privilege Escalation
Vulnerability (MS10-073)
Windows Kernel 'Win32k.sys' Keyboard Layout Local Privilege Escalation
Vulnerability (MS10-073)
Windows Kernel 'Win32k.sys' Window Class Local Privilege Escalation
Vulnerability (MS10-073)
Windows Kernel Task Scheduler Service Local Privilege Escalation
Vulnerability (MS10-092)