Microsoft issues temporary Duqu fix

Temporary workaround available until a full patch can be concocted
Kerry Butters
Kerry Butters -

Microsoft Logo

Microsoft have come up with a temporary “workaround” in response to the threat from the Duqu trojan.

The ‘fixit’ is available now until they come up with a permanent security patch to plug the vulnerability that the malware exploits.

The vulnerability can be found in Win32k TrueType font parsing engine and allows an attacker to run arbitrary code in kernel mode once they have exploited it.

This means that an attacker could then go on to take control of a system, as well as install programs, delete data, or create new user accounts with full access.

Although levels of infection remain low at the moment, the similarity of Duqu to the Stuxnet worm is causing some concern.

Whilst Duqu has so far only been observed collating information from industrial targets, security specialists fear that this is merely a precursor to a more serious attack.

Stuxnet was used to take over control systems in an Iranian nuclear plant.

Microsoft are expected to release a security update either in one of its monthly update Tuesdays or via an out-of-cycle security update, the exact method employed will depend on “customer needs”.

Duqu can only infect machines through an email attachment at the moment, therefore it is advisable for users not to open attachments unless they are sure of the source and content.

Duqu affects all current versions of Windows, including Windows 7 and Windows server 2008.

To install the workaround, visit the Microsoft support site and look for the fixit icon.

Post a comment

Your email address will not be published. Required fields are marked *


Visited 586 times, 9 so far today