
Microsoft Windows Zero-Day Exploited By Duqu Attackers

Discussion in 'Security Updates' started by snoopy, Nov 2, 2011.

    Microsoft Windows Zero-Day Exploited by Duqu Attackers

    By Brian Prince on November 01, 2011

    According to Symantec, researchers at the Laboratory of Cryptography and System Security (CrySyS) - the group that initially discovered the original Duqu binaries - have located an installer for the malware. The installer file is a malicious Microsoft Word document that exploits a previously-unknown kernel vulnerability that allows code execution. Microsoft has been notified and is working on a fix.

    “When the file is opened, malicious code executes and installs the main Duqu binaries,” blogged Vikram Thakur, principal security response manager at Symantec.

    “The Word document was crafted in such a way as to definitively target the intended receiving organization,” he continued. “Furthermore, the shell-code ensured that Duqu would only be installed during an eight-day window in August. Please note that this installer is the only installer to have been recovered at the time of writing—the attackers may have used other methods of infection in different organizations. Unfortunately, no robust workarounds exist at this time other than following best practices, such as avoiding documents from unknown parties and utilizing alternative software.”

    http://www.securityweek.com/microsoft-windows-zero-day-exploited-duqu-attackers
     
