Microsoft offering defenses against Duqu virus

Nov 04, 2011
The Microsoft logo is seen in June 2011 in Los Angeles, California. Microsoft on Friday was advising companies how to defend against infection by a Stuxnet-like Duqu virus.

Microsoft on Friday was advising companies how to defend against infection by a Stuxnet-like Duqu virus.

The US technology colossus released the "workaround" along with detailed information it said would enable anti-virus software companies to detect Duqu, which takes advantage of a flaw in Windows computer operating systems.

"To make it easy for customers, we have released a fix-it that will allow one-click installation of the workaround and an easy way for enterprises to deploy," said Microsoft trustworthy computing group manager Jerry Bryant.

"Our engineering teams determined the root cause of this vulnerability, and we are working to produce a high-quality security update to address it," he said in a security advisory posted online.

A to protect against Duqu will not be ready in time for this month's "update Tuesday" next week, according to Microsoft.

Duqu can sneak into computers by hiding in Word document files opened as .

Duqu infections have been reported in a dozen countries including Iran, France, Britain and India, according to US computer security firm Symantec.

The virus takes advantage of a previously unknown vulnerability in a Windows font-parsing engine to plant malicious code in the heart of a computer system, according to Microsoft.

"An attacker who successfully exploited this vulnerability... could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft warned in a security advisory.

"We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time," it said.

Stuxnet was designed to attack made by German industrial giant Siemens and commonly used to manage water supplies, , and other .

Most Stuxnet infections have been discovered in Iran, giving rise to speculation it was intended to sabotage nuclear facilities there

Explore further: Software provides a clear overview in long documents

add to favorites email to friend print save as pdf

Related Stories

Symantec warns of new Stuxnet-like virus

Oct 19, 2011

US security firm Symantec has warned of a new computer virus similar to the malicious Stuxnet worm believed to have preyed on Iran's nuclear program.

New Duqu virus linked to Microsoft Word Documents

Nov 04, 2011

I new virus has cropped up in various countries across the world and its target appears to be corporate networks. The Duqu virus, first noted last month by a laboratory at Budapest University, has now been ...

Stuxnet-like virus points to new round of cyber war

Oct 20, 2011

Internet security specialists have warned of a new round of cyber warfare in the form of a computer virus similar to the malicious Stuxnet worm believed to have targeted Iran's nuclear program. ...

Microsoft patches 'critical' crack in Windows

Aug 03, 2010

Microsoft released an emergency patch for a "critical" crack in Windows operating system software that could let hackers take control of computers over the Internet.

Microsoft probing new hole in IE security

Feb 03, 2010

Fresh from patching an Internet Explorer (IE) flaw exploited in cyberattacks on Google and other firms, Microsoft is looking into a newly exposed vulnerability in the browser software.

Recommended for you

Google searches hold key to future market crashes

9 hours ago

A team of researchers from Warwick Business School and Boston University have developed a method to automatically identify topics that people search for on Google before subsequent stock market falls.

Lenovo's smart glasses prototype has battery at neck

11 hours ago

China's PC giant Lenovo last week offered a peek at its Google Glass-competing smart glass prototype, further details of which are to be announced in October. Lenovo's glasses prototype is not an extreme ...

Amazon launches 3D printing store

14 hours ago

Amazon announced Monday the launch of an online store for 3D printed items to allow consumers to customize and personalize items like earrings, pendants, dolls and other objects.

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

Vendicar_Decarian
1 / 5 (3) Nov 04, 2011
Israel with the probable assistance of the U.S. was the origin of Stuxnet which targeted the Iranian Nuclear enrichment program.

Either Israel or the U.S. are now complicit in this corporate espionage attack on their allies in Europe and elsewhere, or as I said at the time of the Stuxnet attack, the Stuxnet software would be reverse engineered and used against western interests.

In any case, Israel with the probable assistance of the U.S. are ultimately responsible for this latest virus as they wrote much of the code for the existing infection.

Remember. Vendicar is almost always right, and Israel is the
enemy of all moral, thinking people.

Physphan
5 / 5 (1) Nov 06, 2011
Israel is the enemy of all moral, thinking people.


Vendicar, I'm thinking you are not in any danger from Israel.
Techiecop
not rated yet Dec 11, 2011
The only difference between this two viruses is that Stuxnet was targeted to control the industrial processes, for example uranium enrichment. On the other hand, Duqu was designed to steal information from personal computers.