Barney's Blog


Duqu Malware Gets Temporary Bypass

The Duqu zero-day exploit has had Microsoft twisting, turning and churning for a solution. Duqu exploits a hole in the Windows kernel and lets hackers remotely access and control your unfixed computer.

That was the case until Microsoft came out with a workaround last week. The stopgap solution can protect the kernel with just a few lines of code and a one-click install. That's some pretty efficient code.

Security vendors also have Duqu information in hand to attack this attack.

Posted by Doug Barney on 11/07/2011 at 1:18 PM



Reader Comments:

Tue, Nov 8, 2011 Tom

After some investigation last week, we decided to implement the 'work around' - basically removing privs to t2embed.dll. The concern is that it may also be possible to exploit this by visiting a web page containing the malicious True Type font.
