Microsoft offering defenses against Duqu virus

Nov 04, 2011
The Microsoft logo is seen in June 2011 in Los Angeles, California. Microsoft on Friday was advising companies how to defend against infection by a Stuxnet-like Duqu virus.

Microsoft on Friday was advising companies how to defend against infection by a Stuxnet-like Duqu virus.

The US technology colossus released the "workaround" along with detailed information it said would enable anti-virus software companies to detect Duqu, which takes advantage of a flaw in Windows computer operating systems.

"To make it easy for customers, we have released a fix-it that will allow one-click installation of the workaround and an easy way for enterprises to deploy," said Microsoft trustworthy computing group manager Jerry Bryant.

"Our engineering teams determined the root cause of this vulnerability, and we are working to produce a high-quality security update to address it," he said in a security advisory posted online.

A to protect against Duqu will not be ready in time for this month's "update Tuesday" next week, according to Microsoft.

Duqu can sneak into computers by hiding in Word document files opened as .

Duqu infections have been reported in a dozen countries including Iran, France, Britain and India, according to US computer security firm Symantec.

The virus takes advantage of a previously unknown vulnerability in a Windows font-parsing engine to plant malicious code in the heart of a computer system, according to Microsoft.

"An attacker who successfully exploited this vulnerability... could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft warned in a security advisory.

"We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time," it said.

Stuxnet was designed to attack made by German industrial giant Siemens and commonly used to manage water supplies, , and other .

Most Stuxnet infections have been discovered in Iran, giving rise to speculation it was intended to sabotage nuclear facilities there

Explore further: Microsoft buys Office collaborator app LiveLoop

add to favorites email to friend print save as pdf

Related Stories

Symantec warns of new Stuxnet-like virus

Oct 19, 2011

US security firm Symantec has warned of a new computer virus similar to the malicious Stuxnet worm believed to have preyed on Iran's nuclear program.

New Duqu virus linked to Microsoft Word Documents

Nov 04, 2011

I new virus has cropped up in various countries across the world and its target appears to be corporate networks. The Duqu virus, first noted last month by a laboratory at Budapest University, has now been ...

Stuxnet-like virus points to new round of cyber war

Oct 20, 2011

Internet security specialists have warned of a new round of cyber warfare in the form of a computer virus similar to the malicious Stuxnet worm believed to have targeted Iran's nuclear program. ...

Microsoft patches 'critical' crack in Windows

Aug 03, 2010

Microsoft released an emergency patch for a "critical" crack in Windows operating system software that could let hackers take control of computers over the Internet.

Microsoft probing new hole in IE security

Feb 03, 2010

Fresh from patching an Internet Explorer (IE) flaw exploited in cyberattacks on Google and other firms, Microsoft is looking into a newly exposed vulnerability in the browser software.

Recommended for you

Fitness app connects exercisers to experts

Mar 24, 2015

Can advanced networking and next-generation applications help solve some of our nation's most pressing health problems? Can mobile devices and high-speed Internet be used to improve our health and well-being? ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

1 / 5 (3) Nov 04, 2011
Israel with the probable assistance of the U.S. was the origin of Stuxnet which targeted the Iranian Nuclear enrichment program.

Either Israel or the U.S. are now complicit in this corporate espionage attack on their allies in Europe and elsewhere, or as I said at the time of the Stuxnet attack, the Stuxnet software would be reverse engineered and used against western interests.

In any case, Israel with the probable assistance of the U.S. are ultimately responsible for this latest virus as they wrote much of the code for the existing infection.

Remember. Vendicar is almost always right, and Israel is the
enemy of all moral, thinking people.

5 / 5 (1) Nov 06, 2011
Israel is the enemy of all moral, thinking people.

Vendicar, I'm thinking you are not in any danger from Israel.
not rated yet Dec 11, 2011
The only difference between this two viruses is that Stuxnet was targeted to control the industrial processes, for example uranium enrichment. On the other hand, Duqu was designed to steal information from personal computers.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.