Patch Tuesday: Fix for 'Duqu' zero-day not likely this month

Summary: Three of the bulletins carry "remote code execution" risk while the fourth exposes Windows users to denial-of-service attacks.

Microsoft has announced plans to ship fixes for at least four security holes in the Windows operating system as part of this month's Patch Tuesday batch.

Three of the bulletins carry "remote code execution" risk while the fourth exposes Windows users to denial-of-service attacks.

follow Ryan Naraine on twitter

The updates, which drop around 1:00PM Eastern on November 8, will affect all supported versions of Windows, including the newest Windows 7 and Windows Server 2008 R2.

[ Windows kernel 'zero-day' found in Duqu attack ]

Although Microsoft has confirmed a zero-day Windows kernel flaw was used in the mysterious Duqu malware attack, the company is not expected to ship a fix for this issue.

According to Symantec, the Duqu zero-day vulnerability was exploited via a rigged Word .doc and gave the hackers remote code execution once the file was opened.

Microsoft has not yet issued a security advisory to offer pre-patch mitigation guidance. Microsoft has now issued a security advisory with a temporary fix-it mitigation.


Talkback

6 comments
  • Clearly the world is ending

    As Microsoft are "remaining silent" on a fix for this Duqu-thing. Oh wait, this isn't the "Apple is evil" spot. My mistake. Keep calm and carry on.
    ego.sum.stig
    • RE: Patch Tuesday: Fix for 'Duqu' zero-day not likely this month

      @ego.sum.stig@...

      Better type fast, that battery level is looking low ;-)
      tonymcs@...
      • You don't get out much do you?

        My view on any mobile device is that they are the root of all evil and a modern ball and chain. I do not want to be contacted by work when I'm at the "bird and babe" or anywhere else outside work.
        ego.sum.stig
  • RE: Patch Tuesday: Fix for 'Duqu' zero-day not likely this month

    Well, that was inevitable; it will take them ages. The same thing happened with Stuxnet. But I care less since I don't use Windows and am not affected 'cause I use OS X and Linux :)
    shellcodes_coder
  • RE: Patch Tuesday: Fix for 'Duqu' zero-day not likely this month

    After the last update from Microsoft, I don't care if they ever do another. If I saw that little blue circle one more time I was going to change to a Mac! Decided to go with Firefox instead. :) Even AT&T is having an issue with their customer support software. A 15 minute call to support took a half hour+ while the CSR waited for his screen to load. Very frustrating. Two web sites I handle have the same issue. It is not us, it is Microsoft! Get it fixed!
    Ruthielou
  • Microsoft has released a workaround for Duqu TrueType Font Parsing Vuln.

    https://technet.microsoft.com/en-us/security/advisory/2639658
    "Mitigating Factors: The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must open an attachment that is sent in an e-mail message."

    Or open a specially-crafted file on a USB stick "dropped" in the employee parking lot?

    http://support.microsoft.com/kb/2639658
    "the workaround denies the system access to the T2embed.dll file."

    Oh, yeah. The vulnerability exists on every supported version of Windows except for Server Core installations.
    Rabid Howler Monkey