November 3, 2011

Microsoft issues Duqu fix

Temporary workaround for critical vulnerability

By Steve Evans

Microsoft has issued a temporary workaround fix for a critical vulnerability being exploited by the Duqu Trojan.

The previously unknown vulnerability in the Win32k TrueType font parsing engine affects all versions of Windows from XP through to Windows 7, Microsoft said. "An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode," the company said in a statement.

"The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time. This vulnerability is related to the Duqu malware," Microsoft added.

The Duqu Trojan was discovered earlier this month and, according to Symantec researchers, has source code similar to that of the infamous Stuxnet worm, which last year attacked Iran’s uranium enrichment program. It has been spread via an infected Microsoft Word document.

This fix is a temporary workaround and Microsoft hopes to have a full patch released soon, although no time frame has been put on that yet. The company did say it will not be ready for this month’s Patch Tuesday update cycle.

This month’s Patch Tuesday will fix flaws across various versions of Windows. Three of the four bulletins address remote code execution vulnerabilities, while the final one fixes a denial of service vulnerability.

"The coming November Patch Tuesday will be a light release, as expected. There will be four bulletins, with one of them critical, although only affecting Vista, Windows 7 and 2008 Server R2. Interestingly the majority of bulletins only apply to these newer versions of Windows, and XP and 2003 users are only affected by bulletin three, which is rated important," said Qualys CTO Wolfgang Kandek.

"Overall, this is a Patch Tuesday that will give a break to many IT administrators," he added.
