Microsoft issues short-term fix against Duqu's zero-day kernel attack

Microsoft has released a temporary fix for the Duqu malware that prevents it from enterijng a system via the Windows kernel. The workaround is documented in the company's Security Advisory 2639658.

Although Microsoft has yet to release a proper patch for this issue, it has outlined that users can deny the malware access to the t2embed.dll library file by deploying the workaround. According to Microsoft, this temporary measure should stop an attacker from remotely accessing a computer through a recently discovered zero-day Windows kernel exploit.

Microsoft has packaged the workaround in a one-click fix that will automatically update the Windows kernel with a few lines of code to stop unauthorized access.

Finally, the advisory stated that Microsoft has released relevant information about the vulnerability to various security software firms.

"To further protect customers, we provided our partners in the Microsoft Active Protections Program (MAPP) detailed information on how to build detection for their security products," wrote Jerry Bryant, group manager for Microsoft's Trustworthy Computing Group, in a blog post. "This means that within hours, anti-malware firms will roll out new signatures that detect and block attempts to exploit this vulnerability. Therefore we encourage customers to ensure their antivirus software is up-to-date."

Microsoft acknowledged the zero-day issue on Tuesday, but Bryant said that a permanent fix will not be available in time for this week's Patch Tuesday. Left unaddressed, the flaw could lead to unauthorized remote access to a system.

"The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft explained.

 

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected