Microsoft released Security Advisory 2639658, which covers a Windows kernel issue related to the Duqu malware, a trojan that injects malicious code into other processes.
As illustrated in the image below of the Duqu infection schematics, provided by Symantec in "Duqu: Status Updates Including Installer with Zero-Day Exploit Found", once a system is infected, the trojan can install programs; view, change, or delete data; or create new accounts with full user rights.
Microsoft is aware of targeted attacks that try to use the reported vulnerability and reports that at this time they see "low customer impact". Work continues to provide a security update for the vulnerability, either via an out-of-band update or during the regular monthly release process. An update is not expected to be ready for delivery with the scheduled November update.
Microsoft Fix it
As an interim work-around, Microsoft has provided a Microsoft Fix it solution that simplifies applying the work-around of denying access to t2embed.dll. The Fix it solution is available from Microsoft KB Article 2639658, with direct links to the download files to enable and disable the solution below.
| Enable | Disable |
|---|---|
| Microsoft Fix it 50792 | Microsoft Fix it 50793 |
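
A check an administrator could run to confirm the work-around is in effect on a host, as an added example that is not from Microsoft's advisory or the original post. It assumes the denial is implemented as a Deny entry for Everyone on the DLL's ACL and that the DLL sits in the default System32 and SysWOW64 locations; `Test-T2EmbedWorkaround` is a hypothetical name.

```powershell
# Added example (not from the advisory): check whether access to t2embed.dll
# is denied on this host. Run from a 64-bit PowerShell on 64-bit Windows so
# that System32 is not redirected to SysWOW64.
function Test-T2EmbedWorkaround {
    [CmdletBinding()]
    param(
        # Assumed default locations; SysWOW64 exists only on 64-bit Windows.
        [string[]]$Path = @(
            (Join-Path $env:windir 'System32\t2embed.dll'),
            (Join-Path $env:windir 'SysWOW64\t2embed.dll')
        )
    )
    foreach ($file in $Path) {
        $result = [pscustomobject]@{
            Path = $file; Present = $false; ReadBlocked = $null; DenyEveryoneAce = $null
        }
        if (-not (Test-Path -LiteralPath $file -PathType Leaf)) { $result; continue }
        $result.Present = $true

        # Effective check: can the current account open the DLL for reading?
        try {
            $stream = [System.IO.File]::OpenRead($file)
            $stream.Dispose()
            $result.ReadBlocked = $false
        } catch [System.UnauthorizedAccessException] {
            $result.ReadBlocked = $true
        } catch {
            Write-Verbose "Unexpected error opening ${file}: $_"
        }

        # Configuration check: look for an explicit Deny ACE for Everyone (S-1-1-0).
        # Reading the ACL can itself be denied; the field then stays $null.
        try {
            $acl = Get-Acl -LiteralPath $file -ErrorAction Stop
            $sidType = [System.Security.Principal.SecurityIdentifier]
            $aces = $acl.GetAccessRules($true, $false, $sidType)
            $result.DenyEveryoneAce = [bool]($aces | Where-Object {
                $_.AccessControlType -eq 'Deny' -and $_.IdentityReference.Value -eq 'S-1-1-0'
            })
        } catch {
            Write-Verbose "Could not read ACL on ${file}: $_"
        }
        $result
    }
}

Test-T2EmbedWorkaround | Format-Table -AutoSize
```

A host where `Present` is true and `ReadBlocked` is false for either path does not have the work-around applied for the account running the check.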
References
- MSRC: Microsoft releases Security Advisory 2639658
- TechNet Advisory: Microsoft Security Advisory (2639658) Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege
- Knowledge Base Article: Microsoft Security Advisory: Vulnerability in TrueType font parsing could allow elevation of privileges
- Symantec: Duqu: Status Updates Including Installer with Zero-Day Exploit Found

