There is a recent vulnerability affecting Microsoft Windows (XP, Server 2003, Vista, Server 2008 and Windows 7) and there is no patch available from Microsoft yet.
See description of the vulnerability below. The famous Duqu worm has been silently exploiting this vulnerability in the wild.
The Duqu Virus has been also named as “Son of Stuxnet”. As you might recall, Stuxnet virus was targeting Siemens industrial control systems (SCADA) last year (June 2010) and has created havoc in many systems.
The Duqu Virus is a clone of Stuxnet and attacks victims usually through a Microsoft Word attachment in emails. If the victim opens the Word Document, the PC is infected and the attacker can even take control of the computer.
Microsoft has been working to find a permanent patch for this vulnerability. Until then, they released a temporary fix here.
Description:
The Microsoft Windows Kernel is susceptible to a vulnerability due to improper handling of TrueType fonts. This vulnerability is being actively exploited in the wild by the Duqu worm.By enticing the target to view a document with a malicious font, the attacker can exploit this vulnerability in order to execute arbitrary code on the target machine with SYSTEM-level permissions.
Status:
vendor confirmed, updates not available
References:
Microsoft Security Advisory
http://technet.microsoft.com/en-us/security/advisory/2639658
Common Vulnerabilities and Exposures
Leave a Reply