Printed from http://www.electronista.com

Windows zero-day Duqu exploit uses corrupt Word files

updated 05:15 pm EDT, Tue November 1, 2011

Microsoft confirms Duqu exploit in Word files

Microsoft on Tuesday confirmed that a Windows kernel vulnerability does indeed exist in Duqu malware and is working to patch it. The zero-day kernel exploit could allow hackers to remotely execute code in an infected system, CrySys and Symantec found. Duqu can be installed by modified Word documents and can potentially slip by.

Once opened, the malicious code is executed and installs the main Duqu program. The hackers can then spread Duqu to other computers on the network. Most security programs can detect and block Duqu, although Symantec revealed at least six unnamed organizations in several countries have already received the malware.

A full security bulletin from Microsoft that addresses the issue is expected to come very soon, although it's unclear how soon a patch will follow. [via WinRumors]



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

JBL Synchros E40BT headphones

For all the different configurations of headphones on the market, it's always a tough choice for buyers to get something that is just ...

Razer Taipan mouse

The list of gaming devices is growing larger with each passing day. A large number of companies have entered the gaming input arena, a ...

Cambridge Audio DacMagic XS

Every computer with a microphone or headphone port has one -- a digital to analog converter (DAC). There are nearly as many chipsets a ...

Sponsor

toggle

Most Commented

 
toggle

Popular News