Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
Security

Submission + - Duqu Attackers Exploited Windows Zero-Day (securityweek.com)

wiredmikey writes: Taking another page from Stuxnet, it seems the attackers behind Duqu used a Microsoft Windows zero-day as part of their attack campaign.

Researchers at the Laboratory of Cryptography and System Security (CrySyS) — the group that initially discovered the original Duqu binaries — has located an installer for the malware. The installer file is a malicious Microsoft Word document that exploits a previously-unknown kernel vulnerability that allows code execution.

Once the Word file is opened, the malware executes and installs the Duqu binaries.

The revelation that Duqu uses a zero-day is yet another similarity with Stuxnet, the notorious worm discovered in 2010 targeting industrial control systems. In the case of Stuxnet, the attackers used four Microsoft zero-days to infect systems.

Microsoft has been notified and is working on a fix.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Duqu Attackers Exploited Windows Zero-Day

Comments Filter:

"The value of marriage is not that adults produce children, but that children produce adults." -- Peter De Vries

Working...