Microsoft has issued a temporary workaround fix for a critical vulnerability being exploited by the Duqu Trojan.
The previously unknown vulnerability in the Win32k TrueType font parsing engine affects all versions of Windows from XP through to Windows 7, Microsoft said. "An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode," the company said in statement.
"The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time. This vulnerability is related to the Duqu malware," Microsoft added.
The Duqu Trojan was discovered earlier this month and according to Symantec researchers has similar source code as the infamous Stuxnet worm that last year attacked Iran’s uranium enrichment program. It has been spread via an infected Microsoft Word document.
This fix is a temporary workaround and Microsoft hopes to have a full patch released soon, although no time frame has been put on that yet. The company did say it will not be ready for this month’s Patch Tuesday update cycle.
This month’s Patch Tuesday will fix flaws across various versions of Windows. Three of the four bulletins affect remote code execution vulnerabilities while the final one fixes a denial of service vulnerability.
"The coming November Patch Tuesday will be a light release, as expected. There will be four bulletins, with one of them critical, although only affecting Vista, Windows 7 and 2008 Server R2. Interestingly the majority of bulletins only apply to these newer versions of Windows, and XP and 2003 users are only affected by bulletin three, which is rated important," said Qualys CTO Wolfgang Kandek.
"Overall, this is a Patch Tuesday that will give a break to many IT administrators," he added.
