Welcome to forums of Dark eFfectX !
Enter the digital revolution. Design technology, coding & gaming.

The exchange of Digital Knowledge while Anime, Manga and Technology collide in a Alchemy of Thought and Illusion.

Learn the magic of today from the science of tomorrow. Web site modifications, custom style sheets (CSS) and coding support + more.

Guests, please register or log in to view the entire forum.

Microsoft offering defenses against Duqu virus

View previous topic View next topic Go down

Microsoft offering defenses against Duqu virus

Post  Bad Wolf on Fri Nov 04, 2011 12:32 pm

AFP wrote:
Microsoft on Friday was advising companies how to defend against infection by a Stuxnet-like Duqu virus.

The US technology colossus released the "workaround" along with detailed information it said would enable anti-virus software companies to detect Duqu, which takes advantage of a flaw in Windows computer operating systems.

"To make it easy for customers, we have released a fix-it that will allow one-click installation of the workaround and an easy way for enterprises to deploy," said Microsoft trustworthy computing group manager Jerry Bryant.

"Our engineering teams determined the root cause of this vulnerability, and we are working to produce a high-quality security update to address it," he said in a security advisory posted online.

A software patch to protect against Duqu will not be ready in time for this month's "update Tuesday" next week, according to Microsoft.

Duqu can sneak into computers by hiding in Word document files opened as email attachments.

Duqu infections have been reported in a dozen countries including Iran, France, Britain and India, according to US computer security firm Symantec.

The virus takes advantage of a previously unknown vulnerability in a Windows font-parsing engine to plant malicious code in the heart of a computer system, according to Microsoft.

"An attacker who successfully exploited this vulnerability... could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft warned in a security advisory.

"We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time," it said.

Stuxnet was designed to attack computer control systems made by German industrial giant Siemens and commonly used to manage water supplies, oil rigs, power plants and other critical infrastructure.

Most Stuxnet infections have been discovered in Iran, giving rise to speculation it was intended to sabotage nuclear facilities there

The Duqu virus, which was discovered in October by Symantec, is thought by some experts to be the next big cyber security threat. It shares some of the code with Stuxnet, a malicious worm which targeted Iran's nuclear program, but Duqu is specifically created for gathering intelligence data from agencies and corporations.

Microsoft's statement did not include any additional details, but Symantec discovered that Duqu was initially infecting systems through a compromised Microsoft Word document which installs the malicious software after it's opened.

_________________
avatar
Bad Wolf
Developer
Developer

Female
Age : 39
Number of posts : 1643
Location : The Evil Empire

Reputation : 6
Usage Points : 649
Registration date : 2006-12-24

Cprofile
Title: The Digital Alchemist
Luck:
555/555  (555/555)
Karma:
670/777  (670/777)

View user profile http://www.darkfx.com

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum