Duqu exploited at least one zero-day vulnerability: Researchers
02 Nov 2011
According to security researchers, the Duqu Trojan, discovered two weeks ago, exploited at least one zero-day vulnerability in Microsoft Windows.
A booby-trapped Word document triggered the vulnerability, researchers from Hungary's Laboratory of Cryptography and System Security said in a post on 1 November.
Microsoft Trustworthy Computing group's Jerry Bryant said in a statement that Microsoft was working to address the issue and would release a security update. However, no timeline had been suggested for the fix.
"As a result of our investigation, we identified a dropper file with an MS 0-day kernel exploit inside," the CrySyS researchers wrote.
Beyond remaining vigilant, which included not opening suspicious files attached to emails, there were no workarounds at present that users could follow to prevent a Duqu attack.
Researchers are investigating whether Duqu exploited other vulnerabilities or used other attack vectors to spread.