10 stories

gateProtect blocks Stuxnet in new security update

Hamburg, Germany. November 2, 2010 – The network security provider gateProtect has released a security update for its xUTM appliances that prevents the Stuxnet rootkit (Worm.Win32.Stuxnet) from spreading through corporate networks. Stuxnet can infiltrate computers, even those not connected to the internet, via infected USB sticks and by exploiting several security vulnerabilities in Windows systems. Once inside a network, the worm spreads by copying itself across common network drives. The new security update from gateProtect stops Stuxnet from spreading and from downloading updates to enable it to mutate further. gateProtect’s integrated virus engine also recognizes Stuxnet and neutralizes it. The new update is available to customers now via the gateProtect Update Center.

Stuxnet works by manipulating control systems in manufacturing plants, such as those used in the energy production and chemical industries. The worm, which infects computers running Siemens WinCC Scada software, is dangerous due to the way in which it propagates. The infection can currently be triggered by something as simple as a contaminated USB thumb drive being inserted into any computer in the corporate network – the worm then finds its own way to the programmable logic controllers (PLC) that drive the production systems.

gateProtect warns companies that Stuxnet can affect multiple users, not only those working with the Siemens SIMATIC solution that drives production plants. Even ordinary PCs with no connection to the Siemens system can be affected, because the worm uses them to propagate itself through the network. gateProtect users are protected from this threat as the company’s xUTM appliances include integrated virus protection that recognizes the Stuxnet signature and neutralizes it.