diff --git a/modules/exploits/windows/smb/ms10_061_spoolss.rb b/modules/exploits/windows/smb/ms10_061_spoolss.rb
index ac83cc784d..85f03cc0b8 100644
--- a/modules/exploits/windows/smb/ms10_061_spoolss.rb
+++ b/modules/exploits/windows/smb/ms10_061_spoolss.rb
@@ -32,10 +32,10 @@ class Metasploit3 < Msf::Exploit::Remote
 By sending WritePrinter requests, an attacker can fully control the content of the created file.
- In order to gain code execution, this module writes an EXE and then (ab)uses the
- impersonation vulnerability a second time to create a secondary RPC connection
- to the \\PIPE\\ATSVC named pipe. We then proceed to create a remote AT job using
- a blind NetrJobAdd RPC call.
+ In order to gain code execution, this module writes to a directory used by Windows
+ Manamgenet Instrumentation (WMI) to deploy applications. This directory (Wbem\\Mof)
+ is periodically scanned and any new .mof files are processed automatically. This is
+ the same technique employed by the Stuxnet code found in the wild.
 }, 'Author' => [
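Review bot: The second added line of the description misspells "Management" as `Manamgenet`; this string is shown to users in the module's info output, so the line should read `Management Instrumentation (WMI) to deploy applications. This directory (Wbem\\Mof)`. The rewritten paragraph also no longer says what is written: the old text named an EXE, while the new text only says the module "writes to a directory". Naming the dropped file types (presumably an EXE plus a .mof file, to be confirmed against the module body) would tell operators what must be cleaned up afterwards and defenders which artifacts to look for. The Description string and the module code start and end outside this hunk, so whether the implementation matches the new text cannot be checked from here.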