Microsoft offering defenses against Duqu virus

November 4, 2011
The Microsoft logo is seen in June 2011 in Los Angeles, California. Microsoft on Friday was advising companies how to defend against infection by a Stuxnet-like Duqu virus.

Microsoft on Friday was advising companies how to defend against infection by a Stuxnet-like Duqu virus.

The US technology colossus released the "workaround" along with detailed information it said would enable anti-virus software companies to detect Duqu, which takes advantage of a flaw in Windows computer operating systems.

"To make it easy for customers, we have released a fix-it that will allow one-click installation of the workaround and an easy way for enterprises to deploy," said Microsoft trustworthy computing group manager Jerry Bryant.

"Our engineering teams determined the root cause of this vulnerability, and we are working to produce a high-quality security update to address it," he said in a security advisory posted online.

A to protect against Duqu will not be ready in time for this month's "update Tuesday" next week, according to Microsoft.

Duqu can sneak into computers by hiding in Word document files opened as .

Duqu infections have been reported in a dozen countries including Iran, France, Britain and India, according to US computer security firm Symantec.

The virus takes advantage of a previously unknown vulnerability in a Windows font-parsing engine to plant malicious code in the heart of a computer system, according to Microsoft.

"An attacker who successfully exploited this vulnerability... could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft warned in a security advisory.

"We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time," it said.

Stuxnet was designed to attack made by German industrial giant Siemens and commonly used to manage water supplies, , and other .

Most Stuxnet infections have been discovered in Iran, giving rise to speculation it was intended to sabotage nuclear facilities there

Explore further: Symantec warns of new Stuxnet-like virus

Related Stories

Symantec warns of new Stuxnet-like virus

October 19, 2011

US security firm Symantec has warned of a new computer virus similar to the malicious Stuxnet worm believed to have preyed on Iran's nuclear program.

New Duqu virus linked to Microsoft Word Documents

November 4, 2011

I new virus has cropped up in various countries across the world and its target appears to be corporate networks. The Duqu virus, first noted last month by a laboratory at Budapest University, has now been spotted in several ...

Stuxnet-like virus points to new round of cyber war

October 20, 2011

Internet security specialists have warned of a new round of cyber warfare in the form of a computer virus similar to the malicious Stuxnet worm believed to have targeted Iran's nuclear program.

Microsoft probing new hole in IE security

February 3, 2010

Fresh from patching an Internet Explorer (IE) flaw exploited in cyberattacks on Google and other firms, Microsoft is looking into a newly exposed vulnerability in the browser software.

Recommended for you

Augmented reality takes 3-D printing to next level

February 20, 2018

Cornell researchers are taking 3-D printing and 3-D modeling to a new level by using augmented reality (AR) to allow designers to design in physical space while a robotic arm rapidly prints the work.

What do you get when you cross an airplane with a submarine?

February 15, 2018

Researchers from North Carolina State University have developed the first unmanned, fixed-wing aircraft that is capable of traveling both through the air and under the water – transitioning repeatedly between sky and sea. ...


Adjust slider to filter visible comments by rank

Display comments: newest first

1 / 5 (3) Nov 04, 2011
Israel with the probable assistance of the U.S. was the origin of Stuxnet which targeted the Iranian Nuclear enrichment program.

Either Israel or the U.S. are now complicit in this corporate espionage attack on their allies in Europe and elsewhere, or as I said at the time of the Stuxnet attack, the Stuxnet software would be reverse engineered and used against western interests.

In any case, Israel with the probable assistance of the U.S. are ultimately responsible for this latest virus as they wrote much of the code for the existing infection.

Remember. Vendicar is almost always right, and Israel is the
enemy of all moral, thinking people.

5 / 5 (1) Nov 06, 2011
Israel is the enemy of all moral, thinking people.

Vendicar, I'm thinking you are not in any danger from Israel.
not rated yet Dec 11, 2011
The only difference between this two viruses is that Stuxnet was targeted to control the industrial processes, for example uranium enrichment. On the other hand, Duqu was designed to steal information from personal computers.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.