Duqu security update is here!

Microsoft Corp said hackers exploited a previously unknown bug in its Windows operating system to infect computers with the Duqu virus, which some security experts say could be the next big cyber threat.

And it also released a security patch today!!

“To make it easy for customers, we have released a fix-it that will allow one-click installation of the workaround and an easy way for enterprises to deploy,” said Microsoft trustworthy computing group manager Jerry Bryant.

“Our engineering teams determined the root cause of this vulnerability, and we are working to produce a high-quality security update to address it,” he said in a security advisory posted online.

News of Duqu surfaced in October when security software maker Symantec Corp said it had found a mysterious computer virus that contained code similar to Stuxnet, a piece of malicious software believed to have wreaked havoc on Iran’s nuclear programme.

Government and private investigators around the world are racing to unlock the secret of Duqu, with early analysis suggesting that it was developed by sophisticated hackers to help lay the groundwork for attacks on critical infrastructure such as power plants, oil refineries and pipelines.

Details on how Duqu got on to infected machines emerged for the first time on Tuesday as Microsoft disclosed its link to the infection.

So what exactly can Duqu do?

Duqu can sneak into computers by hiding in Word document files opened as email attachments.

The virus takes advantage of a previously unknown vulnerability in a Windows font-parsing engine to plant malicious code in the heart of a computer system, according to Microsoft.

Duqu infections have been reported in a dozen countries including Iran, France, Britain and India, according to US computer security firm Symantec.

“An attacker who successfully exploited this vulnerability… could then install programs; view, change, or delete data; or create new accounts with full user rights,” Microsoft warned in a security advisory.

“We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time,” it said.

Stuxnet was designed to attack computer control systems made by German industrial giant Siemens and commonly used to manage water supplies, oil rigs, power plants and other critical infrastructure.

Most Stuxnet infections have been discovered in Iran, giving rise to speculation it was intended to sabotage nuclear facilities there.