Comments on: Stuxnet Paper Updated http://www.welivesecurity.com/2010/11/02/stuxnet-paper-updated/ News, Views, and Insight from the ESET Security Community Mon, 03 Feb 2014 08:49:00 +0000 hourly 1 http://wordpress.org/?v=3.7 By: curious http://www.welivesecurity.com/2010/11/02/stuxnet-paper-updated/#comment-2588 Tue, 09 Nov 2010 15:56:17 +0000 http://blog.eset.com/?p=5355#comment-2588 Could you tell me about the task scheduler vulnerability account environment in win7?
I tested some account cases.
 
1. a normal user with no password
- Cannot create a job
2. a normal user with password
- can create a job but it requires a password input so I think stuxnet's malcode is not doing well..
(malcode doesn't know user's password)
3. a admin user with password
- can create a job
- it doesn't matter forging crc32
- just make a job xml files with system privilege and create it as a job, have done.
 
which account is correct case of stuxnet?
 
thank you
 
 
 
 

]]>