Microsoft Releases Temporary Plug For Duqu

November 4, 2011
Cyber Security, FedCyber Wire, Responses
No Comment

Microsoft (NSDQ:MSFT) has released a temporary fix for the Windows flaw exploited by Duqu, the Stuxnet-related malware believed to have been created for industrial cyber-espionage.

In releasing the workaround late Thursday, Microsoft officially confirmed the existence of the zero-day vulnerability exploited by the Duqu Trojan. The flaw is in the Win32k TrueType font parsing engine, where the vulnerability can be used to run code in kernel mode, the company says. Such access could enable an attacker to install programs, change or delete data, or create new user accounts with full rights to a system.

The latest release, called Security Advisory 2639658, is a “fix it” that provides enterprises with one-click installation of a workaround to block the installation of malware. Microsoft said detailed information on how to detect malware trying to exploit the vulnerability would be released to anti-virus companies, which were expected to update their products within hours.

via CRN, continued here.