It’s patch Tuesday, and Microsoft has just issued a patch for the zero-day vulnerability that was used by the Duqu malware discovered in October. To quote the bulletin: What does the update do?The update addresses the vulnerability by modifying the way that a Windows kernel mode driver handles TrueType font files. When this security bulletin […]
We have written already about Stuxnet v2 or TR/Duqu and we mentioned that Avira detects it TR/Spy.Duqu.A and TR/Duqu.A.1. This malware uses a vulnerability in a Microsoft Windows component, the TrueType font parsing engine. The vulnerability is caused when the Windows kernel-mode driver win32k.sys fails to properly handle the TrueType font type. An attacker who […]
For the last few days, much malware research time has been devoted to the brand-new malware that ESET calls Win32/Duqu. One of the features that makes this kind of malware particularly interesting is that it very closely resembles Stuxnet, one of the most sophisticated worms of recent years. Last year we performed in-depth analysis of […]
Latest Comments