{"id":72394,"date":"2011-11-05T13:08:10","date_gmt":"2011-11-05T13:08:10","guid":{"rendered":"https:\/\/localhost\/wordpress\/?p=72394"},"modified":"2011-11-05T13:08:10","modified_gmt":"2011-11-05T13:08:10","slug":"microsoft-announces-workaround-for-the-duqu-exploit","status":"publish","type":"post","link":"https:\/\/www.quickheal.com\/blogs\/microsoft-announces-workaround-for-the-duqu-exploit\/","title":{"rendered":"Microsoft announces workaround for the Duqu exploit"},"content":{"rendered":"
\"\"Microsoft has posted a security advisory 2639658<\/a> to address the recently disclosed Windows kernel vulnerability (CVE-2011-3402) exploited by the Duqu malware.<\/p>\n

Microsoft has determined the flaw is in the processing of embedded True Type Fonts (TTFs). According to Microsoft:
\n“The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
\n<\/em>
\nThat’s a pretty serious bug. In the terms security professionals use, that means it has the ability for remote code execution (RCE) and elevation of privilege (EoP).<\/p>\n

Microsoft is working diligently to provide a patch and has offered a FixIt download tool<\/a> that will disable support for embedded TTFs to provide protection against the flaw.<\/p>\n

The problem with that is it will prevent any applications that rely on embedded TTFs from rendering properly. This is a common practice in Microsoft Office documents, browsers and document viewers.<\/p>\n

We suggest that users apply this patch if they find any traces of Duqu malware infection. Quick Heal detects it as Trojan.Duqu<\/strong>.<\/div>\n","protected":false},"excerpt":{"rendered":"

Microsoft has posted a security advisory 2639658 to address the recently disclosed Windows kernel vulnerability (CVE-2011-3402) exploited by the Duqu malware. Microsoft has determined the flaw is in the processing of embedded True Type Fonts (TTFs). According to Microsoft: “The attacker could then install programs; view, change, or delete data; or create new accounts with […]<\/p>\n","protected":false},"author":26,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[75,4,36],"tags":[49,72,74,37,40,38],"class_list":["post-72394","post","type-post","status-publish","format-standard","hentry","category-microsoft-windows","category-news","category-security-patch","tag-malware","tag-microsoft","tag-microsoft-patch","tag-security-update","tag-trojan","tag-vulnerability"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72394"}],"collection":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/users\/26"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/comments?post=72394"}],"version-history":[{"count":0,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72394\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media?parent=72394"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/categories?post=72394"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/tags?post=72394"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}