Blog | G5 Cyber Security

TDL4 Rootkit Now Using Stuxnet Bug

The TDL4 rootkit is now using one of the Windows bugs that was first seen in use by Stuxnet. The latest modification enables the rootkit to use the unpatched Windows Task Scheduler vulnerability on Windows 7 machines to escalate its privileges once it is resident on an infected PC. The bug is not a remote code-execution bug, but it can be used to escalate an attacker’s privileges once he has already gotten a foothold on a compromised machine. The malware has been active for some time now, but recent samples of it have turned up with an exploit for the bug.

Source: https://threatpost.com/tdl4-rootkit-now-using-stuxnet-bug-120710/74746/
