Microsoft issues fixes for 'patched' Duqu threat

By on
Microsoft issues fixes for 'patched' Duqu threat

Patches fix 23 vulnerabilities

Microsoft on Tuesday shipped seven patches to address 23 vulnerabilities, including fresh fixes for flaws that could enable the espionage trojan Duqu trojan to spread.

Three of the seven bulletins were rated "critical" by Microsoft, but all of the attention seemed squarely focused on one: MS12-034, a rather convoluted fix that remedies 10 issues in Windows, Office, Silverlight and the .NET Framework. 

Three of the ten vulnerabilities were publicly known, and the most severe of the holes involved the improper handling of TrueType font files, which was the vector by which Duqu was believed to have spread.

Duqu was created to conduct reconnaissance of target industrial control systems, and may have been designed to serve as a precursor to another Stuxnet-like attack.

In December, Microsoft patched the Duqu vulnerability, but the code had been replicated in other company products, said Andrew Storms, director of security operations at nCircle, which provides security and compliance auditing solutions.

"This is going to give the patch management folks some serious heartburn," he said.

"Evidently, Microsoft discovered that the same bits of bad code that were fixed in MS11-087 last year were copied and pasted into other applications, so they needed to fix those, too.

"Since other changes were pending for those applications, all kinds of other bug fixes not related to Duqu [also] are bundled into this bulletin."

Tuesday's update contained two other high-priority fixes.

MS12-029 corrects a single "critical" weakness in Word that could result in remote code execution by attackers.

Also, MS12-032 remedies one publicly known and one privately disclosed flaw in the TCP/IP stack, a core operating system component.

While the bug can at worst result in privilege escalation, but not code execution, a public exploit has been published.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

You must be a registered member of iTnews to post a comment.
| Register

Poll

New Windows 10 users, are you upgrading from...
Windows 8
Windows 7
Windows XP
Another operating system
Windows Vista
How should the costs of Australia's piracy scheme be split?
Rights holders should foot the whole bill
50/50
ISPs should foot the whole bill
Government should chip in a bit
Other
View poll archive

Whitepapers from our sponsors

What will the stadium of the future look like?
What will the stadium of the future look like?
New technology adoption is pushing enterprise networks to breaking point
New technology adoption is pushing enterprise networks to breaking point
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
The next era of business continuity: Are you ready for an always-on world?
The next era of business continuity: Are you ready for an always-on world?

Log In

Username:
Password:
|  Forgot your password?