In early January of 2015, researcher Michael Heerklotz approached ZDI with details of a critical vulnerability in the Microsoft Windows operating system. The vulnerability demonstrates that a security patch released by Microsoft in August 2010 does not, in fact, fix the CVE-2010-2568 .LNK issue first widely reported in Stuxnet – leaving all Windows machines vulnerable ever since.
more here.......http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/CVE-2015-0096-issue-patched-today-involves-failed-Stuxnet-fix/ba-p/6718402
more here.......http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/CVE-2015-0096-issue-patched-today-involves-failed-Stuxnet-fix/ba-p/6718402