HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

Full details on CVE-2015-0096 and the failed MS10-046 Stuxnet fix

zdi-small.pngIn accordance with the Zero Day Initiative’s disclosure policies, we are releasing full details on the CVE-2015-0096 issue patched today in MS15-020. This issue concerns a Stuxnet vulnerability first allegedly addressed by MS10-046. We track this issue as ZDI-15-086.

CVE-2015-0096 issue patched today involves failed Stuxnet fix

zdi-small.pngA vulnerability disclosed to Microsoft by the Zero Day Initiative demonstrates that fully patched machines have been vulnerable to the CVE-2010-2568 – the LNK vulnerability first widely reported in Stuxnet -- for nearly five years.

Some uncomfortable truths about state-sponsored malware

Recent discussions regarding Edward Snowden and the NSA have raised some uncomfortable questions for the makers of anti-virus software.

Search
Showing results for 
Search instead for 
Do you mean 
About the Author(s)
HP Blog

HP Software Solutions Blog

Featured


Follow Us
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.