Duqu Installer Exploits Windows Kernel Zero Day
Trailrunner7 writes with an excerpt from Threatpost: "A newly discovered installer for the Duqu malware includes an exploit for a previously unknown vulnerability in the Windows kernel that allows remote code execution. Microsoft is working on a fix for the kernel vulnerability right now. The exact location and nature of the flaw isn't clear right now. The installer uses a Word document to exploit the vulnerability and then install the Duqu binaries."
What, you don't open ports to your passwordless MS terminal server ?
It's a Word document, which means it exploits a weakness in MS word to deliver the payload.
But seriously, what is this, Digg ? Who is this "Unknown Lamer" and why doesn't he go fuck himself ? We used to have standards around here...
-Billco, Fnarg.com
Worse things exist in opening attachments from remote senders than malware, http://www.pcworld.com/article/103992/the_worlds_worst_viruses.html
On that note, people need to stop telling others to not open attachments from unknown senders, let natural selection separate the users who know how to use computers (aka maintain their machine in a working state) and those who do not, it's just not fair to have to fix some dumbshit's machine cause s/he is too dumb to apply common sense.