Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft releases temporary workaround for critical Duqu vulnerability


  • Please log in to reply
2 replies to this topic

#1 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:12:04 PM

Posted 04 November 2011 - 05:29 AM

Microsoft releases Security Advisory 2639658 http://blogs.technet.com/b/msrc/archive/2011/11/03/microsoft-releases-security-advisory-2639658.aspx

Today we released Security Advisory 2639568 to provide customer guidance for the Windows kernel issue related to the Duqu malware. I would like to provide you information on how to protect your system(s), how we are addressing the issue, and insight into our threat landscape monitoring capabilities. The security advisory provides a workaround that can be applied to any Windows system. To make it easy for customers to install, we have released a Fix it that will allow one-click installation of the workaround and an easy way for enterprises to deploy.

To further protect customers, we provided our partners in the Microsoft Active Protections Program (MAPP) detailed information on how to build detection for their security products. This means that within hours, anti-malware firms will roll out new signatures that detect and block attempts to exploit this vulnerability. Therefore we encourage customers to ensure their antivirus software is up-to-date.

Additionally, our engineering teams determined the root cause of this vulnerability, and we are working to produce a high-quality security update to address it. At this time, we plan to release the security update through our security bulletin process, although it will not be ready for this month’s bulletin release.


Microsoft Security Advisory (2639658) Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege
http://technet.microsoft.com/en-us/security/advisory/2639658

Microsoft Security Advisory: Vulnerability in TrueType font parsing could allow elevation of privileges (Fix-it)
http://support.microsoft.com/kb/2639658

Edited by Union_Thug, 04 November 2011 - 05:34 AM.


BC AdBot (Login to Remove)

 


#2 Winterland

Winterland

  • Members
  • 980 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Land of Enchantment
  • Local time:10:04 AM

Posted 04 November 2011 - 06:35 AM

> bows <

Thank you Thug.

Winterland

Photobucket removed my cool flag - idiots!

 

Every calculation based on experience elsewhere fails in New Mexico.


#3 Union_Thug

Union_Thug

    Bleeps with the fishes...

  • Topic Starter

  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:12:04 PM

Posted 13 December 2011 - 11:47 PM

MS issued MS11-087 to address the above. If you installed Microsoft Fix it 50792, disable the Fix it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users