Microsoft Released Emergency Patch Fix To Block Duqu Zero-Day exploit

Microsoft released emergency patch to fix the newly found zero-day exploit in windows kernel. The attack, discovered by Hungarian researchers, exploits a vulnerability in Windows' TrueType font engine. A full fix for the problem is still pending, and will not be part of Microsoft's "Patch Tuesday" fixes for November. In the company's security advisory Microsoft said that attackers exploiting the TrueType vulnerability—which Duqu exploited through a Microsoft Word document—could gain access to the Windows kernel and run shell code. "The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft's statement said.
As a temporary workaround, Microsoft recommends shutting off access to T2EMBED.DLL, the dynamic link library that allows applications to display TrueType fonts. While the fix will prevent attacks, it also means that fonts won't display properly in applications. But Microsoft's security team sees the threat from Duqu as limited, stating that "overall, we see low customer impact at this time."
  • To know about the Microsoft Security Bulletin Advance Notification for November 2011 click Here
  • To download the emergency patch released by Microsoft click Here 


Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info. Thank You ! -Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You! -Team VOGH

Categories: , ,
Related Posts Plugin for WordPress, Blogger...