Stuxnet Microsoft Miss
Stuxnet Microsoft Miss – A bug that was patched last week by Microsoft had first been publicly discussed nearly a year and a half ago, according to security researchers. Microsoft confirmed on Wednesday that the company had overlooked the security threat when it was first brought to their attention last year. The threat left many systems vulnerable for quite some time and it is not immediately clear why Microsoft did not act on the tips.
The researchers who performed the study were part of Kaspersky Lab and Symantec. The two groups confirmed that Microsoft had receives reports of the bug in July and August, but said that the vulnerability, which regarded a print spooler, had not been publicly disclosed before they found out that Stuxnet was using the flaw.
Microsoft apologized for their lack of timely updates on the issue, and assured customers that they would act more quickly in the future. They said that the claims that were raised by Symantec and Kaspersky Lab were accurate in that the company had been notified about the error over a year ago but had not done anything to resolve the issue until last week, when they learned that Stuxnet had been exploiting the flaw for quite some time.
The update fixed four different vulnerabilities. There is not much information available on what the two smaller vulnerabilities were at this time.