One of the vulnerabilities used to spread the Stuxnet virus was 2016’s most popular exploit, according to Russia cyber-security firm Kaspersky Labs. The vulnerability was one of the four zero-days used in the cyber-attacks against Iran’s nuclear program. CVE-2010-2568 is a security bug found in older versions of the Windows Shell (CplLnk) that affects Microsoft’s Windows 7, Vista, XP, Server 2008 and Server 2003 operating systems. Despite being more than half a decade old, the vulnerability remained extremely popular, due to the high number of Windws7 and XP computers still left on the market.
Source: https://www.bleepingcomputer.com/news/security/2016s-most-popular-exploit-was-the-vulnerability-used-for-the-stuxnet-attacks/