Experts at Kaspersky discovered that Stuxnet exploits targeting a Windows Shell Vulnerability is still largely used in cyber attacks. Windows Shell vulnerability allows a remote or local attacker to run code via a malicious.LNK or.PIF file via an improperly handled icon displayed in Windows Explorer. Microsoft issued a security patch on August 2nd, 2010, meanwhile St.uxnet was first discovered in June 2010. In the period between November 2013 and June 2014, the exploits were detected 50 million times targeting nearly 19 million machines.”]
Source: https://securityaffairs.co/wordpress/27633/cyber-crime/stuxnet-flaw-still-targeted.html

