awenlock
-
Total Posts
:
255
- Scores: 196
-
Reward points
:
25620
- Joined: 3/8/2005
-
Status: offline
|
0-Day Vulnerability in Windows - Duqu Virus
Friday, November 04, 2011 4:39 AM
( permalink)
Microsoft have published an advisory around a new 0-Day vulnerability in Windows which is being exploited by the recent Duqu virus which has been in the press recently. Duqu is reported to be a potential follow up for the Stuxnet virus. The vulnerability affects all versions of Windows Details from Microsoft:
Microsoft is investigating a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time. This vulnerability is related to the Duqu malware.
Whether Microsoft can get this issue resolved before next week's patch week is yet to be seen, but based on the short times scales it may end up going into next months updates or being released out of band if Microsoft feel it needs releasing sooner. Symantec have some good write up's about the virus as well which are worth a read if you get time. Links: Microsoft: http://technet.microsoft....urity/advisory/2639658 Symantec: http://www.symantec.com/b...id=us_ghp_banner1_duqu Regards Alan
<message edited by awenlock on Tuesday, September 11, 2012 5:24 PM>
|
|
|
|