We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Worm:Win32/Stuxnet.A
Detected by Microsoft Defender Antivirus
Aliases: RKIT/Stuxnet.A (Avira) Win32/Stuxnet.A (CA) Trojan.Stuxnet.1 (Dr.Web) Stuxnet (McAfee) RTKT_STUXNET.A (Trend Micro) Trojan:Win32/Stuxnet.A (other)
Summary
Worm:Win32/Stuxnet.A is the detection for a worm that spreads to all removable drives. It does this by dropping shortcut files (.LNK) that automatically run when the removable drive is accessed using an application that displays shortcut icons (for example, Windows Explorer).
It is capable of dropping and installing other components, injecting code into currently-running processes, and allowing backdoor access and control to the infected computer.
This worm uses as an attack vector discussed in
Microsoft Security Bulletin MS10-046
. Refer to the advisory for mitigating factors and workarounds to the vulnerability.
To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.