- Status
Not good for Microsoft, i wonder if they are going to release some kind of security fix for this.
Microsoft will fix this as soon as possible, as far as I'm aware they've not left anything that has been exposed/ found out in the open long enough (unless someone can link me to the source of such thing). It really is a never ending battle when it comes to this kind of thing it's like Star Wars with the battle of Jedi VS Sith. 
Yes it is a never ending battle. I won't be surprised when this gets patched and a new Duqu comes out with a new vuln.
There is a Microsoft Security Advisory describing the vulnerability used by DUQU (LINK) and a Fix, in the form of a Fix-It button (LINK). When you run the Enable fix it solution, the workaround denies the system access to the T2embed.dll. One thing to consider is that other malware authors might try to use this vulnerability in the near future hoping that Windows users failed to apply the fix.
I
illumination
Thread author
bogdan said:
Thank you for posting this Bogdan! I had just read about the fix earlier, and was going to post it in here, but you were already on it!
The last sentence in your post, is very accurate, and very well advised!
I'm just hoping that Microsoft will release a security update for this vulnerability this month. I'd rather use Windows Update than run Fix-It.
- Status
You may also like...
-
Nippon Steel Subsidiary Blames Data Breach on Zero-Day Attack- Started by Brownie2019
- Replies: 0
-
Windows LPE Vulnerabilities via Kernel Drivers and Named Pipes Allows Privilege Escalation
- Started by Brownie2019
- Replies: 2
-
Hackers Exploiting Microsoft Office 0-day Vulnerability to Deploy Malware
- Started by Brownie2019
- Replies: 3
-
Microsoft patches actively exploited Office zero-day vulnerability- Started by Parkinsond
- Replies: 0
-
Microsoft September 2025 Patch Tuesday fixes 81 flaws, two zero-days- Started by Gandalf_The_Grey
- Replies: 3