
Submission: Duqu Attackers Exploited Windows Zero-Day

wiredmikey writes: Taking another page from Stuxnet, it seems the attackers behind Duqu used a Microsoft Windows zero-day as part of their attack campaign.

Researchers at the Laboratory of Cryptography and System Security (CrySyS) — the group that initially discovered the original Duqu binaries — have located an installer for the malware. The installer file is a malicious Microsoft Word document that exploits a previously unknown kernel vulnerability that allows code execution.

Once the Word file is opened, the malware executes and installs the Duqu binaries.

The revelation that Duqu uses a zero-day is yet another similarity with Stuxnet, the notorious worm discovered in 2010 targeting industrial control systems. In the case of Stuxnet, the attackers used four Microsoft zero-days to infect systems.

Microsoft has been notified and is working on a fix.
