Microsoft issues fixes for 'patched' Duqu threat

Powered by SC Magazine
 

Patches fix 23 vulnerabilities

Microsoft on Tuesday shipped seven patches to address 23 vulnerabilities, including fresh fixes for flaws that could enable the espionage trojan Duqu trojan to spread.

Three of the seven bulletins were rated "critical" by Microsoft, but all of the attention seems squarely focused on one: MS12-034, a rather convoluted fix that remedies 10 issues in Windows, Office, Silverlight and the .NET Framework. 

Three of the 10 vulnerabilities are publicly known, and the most severe of the holes involve the improper handling of TrueType font files, which was the vector by which Duqu is believed to have spread.

Duqu was created to conduct reconnaissance of target industrial control systems, and may have been designed to serve as a precursor to another Stuxnet-like attack.

In December, Microsoft patched the Duqu vulnerability, but the code had been replicated in other company products, said Andrew Storms, director of security operations at nCircle, which provides security and compliance auditing solutions.

"This is going to give the patch management folks some serious heartburn," he said. "Evidently, Microsoft discovered that the same bits of bad code that were fixed in MS11-087 last year were copied and pasted into other applications, so they needed to fix those, too. Since other changes were pending for those applications, all kinds of other bug fixes not related to Duqu [also] are bundled into this bulletin."

Tuesday's update contains two other high-priority fixes.

MS12-029 corrects a single "critical" weakness in Word that could result in remote code execution by attackers.

Also, MS12-032 remedies one publicly known and one privately disclosed flaw in the TCP/IP stack, a core operating system component. While the bug can at worst result in privilege escalation, but not code execution, a public exploit has been published.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


Microsoft issues fixes for 'patched' Duqu threat
 
 
 
Top Stories
Microsoft confirms Australian Azure launch
Available from next week.
 
NBN Co names first 140 FTTN sites
National trial extended.
 
Cloud, big data propel bank CISOs into the boardroom
And this time, they are welcome.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Do you direct debit customers? Read this
Oct 10, 2014
Authorities have been targeting direct debit practices with iiNet and Dodo receiving formal ...
Optus expands 4G coverage
Oct 10, 2014
If you rely on an Optus phone for work you might be interested to know that there are now 200 ...
Microsoft Office is now free for some charities
Oct 10, 2014
Microsoft has announced that eligible Australian non-profit organisations and charities can now ...
Vodafone lights up 4G in Adelaide
Oct 9, 2014
Live and work in Adelaide? Vodafone has switched on its 4G network in the city and suburbs.
Next year tradies will be able to take payments using ingogo
Oct 3, 2014
Ingogo is going to provide a card payment service for Xero users.
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  24%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  23%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  27%
TOTAL VOTES: 270

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  61%
 
No
  39%
TOTAL VOTES: 85

Vote