Printed from http://www.electronista.com

Windows zero-day Duqu exploit uses corrupt Word files

updated 05:15 pm EDT, Tue November 1, 2011

Microsoft confirms Duqu exploit in Word files

Microsoft on Tuesday confirmed that a Windows kernel vulnerability does indeed exist in Duqu malware and is working to patch it. The zero-day kernel exploit could allow hackers to remotely execute code in an infected system, CrySys and Symantec found. Duqu can be installed by modified Word documents and can potentially slip by.

Once opened, the malicious code is executed and installs the main Duqu program. The hackers can then spread Duqu to other computers on the network. Most security programs can detect and block Duqu, although Symantec revealed at least six unnamed organizations in several countries have already received the malware.

A full security bulletin from Microsoft that addresses the issue is expected to come very soon, although it's unclear how soon a patch will follow. [via WinRumors]



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Thecus N2310 NAS

For every computer user, there comes a point of critical mass in data storage. When it hits, external hard drives, USB sticks and DVD ...

iRig Pads

When it comes to mobile music products, IK Multimedia has positioned itself as one of the top suppliers. Right from the early days of ...

DoxieGo Portable Scanner

Sometimes, people need to scan things, but having a computer at hand to do so isn't exactly feasible. Maybe it's the home of a relativ ...

Sponsor

toggle

Most Commented

 
toggle

Popular News