Stuxnet Mitigation Methods

Wednesday, October 20, 2010 @ 11:10 PM gHale


By Gregory Hale
While some users in the industry may think they are in the clear because they don’t use Siemens software, think again because any Windows-based system can suffer from this malware, regardless of whether or not it uses Siemens software, according to a white paper entitled “Analysis of the Siemens WinCC / PCS7 “Stuxnet” Malware for Industrial Control System Professionals” written by Eric Byres, chief technology officer at Byres Security.
Stuxnet is a computer worm designed to take advantage of a number of security vulnerabilities in the Windows operating system and Siemens SIMATIC WinCC, PCS7 and S7 product lines. The list of vulnerable systems has expanded to include all unsupported and current versions of Windows including Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 and Windows 7, according to Byres’ paper. Of particular importance are the Windows 2000 systems, as there are no patches for these systems. It appears that Stuxnet will infect Windows NT machines, but will then abort.
Byres along with Scott Howard of Byres Security created a Stuxnet Mitigation Overview chart.
part1part2part3



One Response to “Stuxnet Mitigation Methods”

  1. […] level, is now fixed, the second one is still there without a corrective patch. There are several mitigation methods for different Windows versions and Siemens have delivered a tool which can be used to remove […]


Leave a Reply

You must be logged in to post a comment.