Slashdot Mirror

← Back to Stories (view on slashdot.org)

Duqu Installer Exploits Windows Kernel Zero Day

Posted by Unknown on from the windows-industrial-control-edition dept.

Trailrunner7 writes with an excerpt from Threatpost: "A newly discovered installer for the Duqu malware includes an exploit for a previously unknown vulnerability in the Windows kernel that allows remote code execution. Microsoft is working on a fix for the kernel vulnerability right now. The exact location and nature of the flaw isn't clear right now. The installer uses a Word document to exploit the vulnerability and then install the Duqu binaries."

1 of 164 comments (clear)

  1. And? by ledow · · Score: 0, Troll

    I'm sorry, but anyone that lets their Windows / internal servers be contacted by arbitrary packets from the Internet, or their systems allow execution by ordinary users of (at the very minimum, unscanned) email attachments, deserves everything they get.

    This isn't news now and wasn't back 20 years ago. If you have to do more than just in a "just-in-case" firewall rule into your network equipment that automatically blocks this particular attack from local users (and which should be impossible to execute directly against the server remotely anyway), then you weren't really doing your job in the first place.

    Next you'll be telling me that I shouldn't let filesharing ports open to the world.