Duqu Attackers Exploited Windows Zero-Day
Submitted by wiredmikey
wiredmikey writes "Taking another page from Stuxnet, it seems the attackers behind Duqu used a Microsoft Windows zero-day as part of their attack campaign.
Researchers at the Laboratory of Cryptography and System Security (CrySyS) — the group that initially discovered the original Duqu binaries — have located an installer for the malware. The installer file is a malicious Microsoft Word document that exploits a previously-unknown kernel vulnerability that allows code execution.
Once the Word file is opened, the malware executes and installs the Duqu binaries.
The revelation that Duqu uses a zero-day is yet another similarity with Stuxnet, the notorious worm discovered in 2010 targeting industrial control systems. In the case of Stuxnet, the attackers used four Microsoft zero-days to infect systems.
Microsoft has been notified and is working on a fix."