Duqu Installer Exploits Windows Kernel Zero Day

Trailrunner7 writes with an excerpt from Threatpost: "A newly discovered installer for the Duqu malware includes an exploit for a previously unknown vulnerability in the Windows kernel that allows remote code execution. Microsoft is working on a fix for the kernel vulnerability right now. The exact location and nature of the flaw isn't clear right now. The installer uses a Word document to exploit the vulnerability and then install the Duqu binaries."

Re:Word document for a remote exploit?

[billcopc]

What, you don't open ports to your passwordless MS terminal server ?

It's a Word document, which means it exploits a weakness in MS word to deliver the payload.

But seriously, what is this, Digg ? Who is this "Unknown Lamer" and why doesn't he go fuck himself ? We used to have standards around here...