Comments on: Stuxnet Paper Updated News, Views, and Insight from the ESET Security Community Mon, 03 Feb 2014 08:49:00 +0000 hourly 1 By: curious Tue, 09 Nov 2010 15:56:17 +0000 Could you tell me about the task scheduler vulnerability account environment in win7?
I tested some account cases.
1. a normal user with no password
- Cannot create a job
2. a normal user with password
- can create a job but it requires a password input so I think stuxnet's malcode is not doing well..
(malcode doesn't know user's password)
3. a admin user with password
- can create a job
- it doesn't matter forging crc32
- just make a job xml files with system privilege and create it as a job, have done.
which account is correct case of stuxnet?
thank you