Oh, right. That guy said that thing about that other thing.
We totally zoned on that one. Our bad.
From Computer World:
Contrary to reports, a bug that Microsoft patched last week had been publicly discussed a year and a half ago, security researchers said this week.
Microsoft confirmed Wednesday that it overlooked the vulnerability when it was revealed last year.
The vulnerability in Windows Print Spooler service was one of four exploited by Stuxnet, a worm that some have suggested was crafted to sabotage an Iranian nuclear reactor.
I find it interesting that both Kaspersky and Symantec duffed on this one as well. It turns out that the “0-day” had been a known commodity since 2009. I’d be curious to know the magazine that published it.
I’m actually going to be digging into this Stuxnet story myself. I hope to have something written next week.
(Image used under CC from Chris)