According to a security advisory issued by Microsoft yesterday, the Duqu virus that has been creating havoc has finally been brought to book by Microsoft, albeit temporarily. The virus, which was deemed critical, managed to install highly sophisticated malware that attempted to victimize manufacturers of industrial systems. Microsoft adds that the vulnerability was found in the Win32k TrueType font parsing engine. The malware was such that it could enable the attacker to run code in kernel mode. This meant that the attacker could, with full user rights, install programs; view, change, or delete data; or create new accounts, among other functions. The advisory further adds that Microsoft believes all the above-mentioned vulnerabilities point to the Duqu malware.
Currently under control
Microsoft, currently in its investigative phase, assures that it will begin its security measures soon after. These measures, according to the advisory, may range from a security update in a monthly fashion to an out-of-cycle security update, depending on the user's needs. Educating the lay user about the characteristics of the Duqu virus, Microsoft adds that unless a user opens the infected e-mail attachment, the virus cannot begin its exploits.
Publish date: November 4, 2011 4:58 pm | Modified date: December 18, 2013 8:52 pm