Microsoft, it seems, has failed in their attempt to patch the Duqu flaw, but they did manage to fix a critical hole in Windows TCP/IP stack. I guess that something is better than nothing, don’t you think so? The monthly Patch Tuesday by Microsoft did not manage to include a patch for a Windows kernel vulnerability which is being exploited by the Duqu malware, although credit must be given to Microsoft for pushing out an emergency workaround sometime last week that turned off access to T2EMBED.DLL, the dynamic link library that enabled applications to display TrueType fonts.
Basically, this workaround had to be issued in a jiffy simply because successful Duqu-based attacks would open up the door for attackers to run arbitrary code in kernel mode, giving them a free reign to install programs, view, change or delete data, or even to create new accounts that come with full user rights. Microsoft says that they are still developing a permanent fix to the software, and rest assured that this fix will be included in either a future monthly update or an out-of-band patch.
As usual, we would advise all Ubergizmo readers to always be cautious around the Internet, downloading files only from certified-safe sites, and make sure your anti-virus software is up to date. Always.
Filed in . Read more about Microsoft.