Printed from http://www.electronista.com

Windows zero-day Duqu exploit uses corrupt Word files

updated 05:15 pm EDT, Tue November 1, 2011

Microsoft confirms Duqu exploit in Word files

Microsoft on Tuesday confirmed that a Windows kernel vulnerability does indeed exist in Duqu malware and is working to patch it. The zero-day kernel exploit could allow hackers to remotely execute code in an infected system, CrySys and Symantec found. Duqu can be installed by modified Word documents and can potentially slip by.

Once opened, the malicious code is executed and installs the main Duqu program. The hackers can then spread Duqu to other computers on the network. Most security programs can detect and block Duqu, although Symantec revealed at least six unnamed organizations in several countries have already received the malware.

A full security bulletin from Microsoft that addresses the issue is expected to come very soon, although it's unclear how soon a patch will follow. [via WinRumors]



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Crucial MX100 256GB SATA-3 SSD

While the price to gigabyte ratio for magnetic platter-based hard drives can't be beat, the speed that a SSD brings to the table for a ...

Narrative Clip

With the advent of social media technology, people have been searching for new ways to share the events of their daily lives -- be it ...

Blue's Mikey Digital

Blue Microphones, a company that makes some of the most popular digital USB microphones among podcasters and musicians, has for some t ...

Sponsor

toggle

Most Commented

 
toggle

Popular News