Duqu Malware Marches Through Windows Kernel Flaw
Posted by: Rachelle Dragani November 2, 2011 11:07 AM

The Duqu malware that became widely known last month is exploiting a zero-day vulnerability in the Windows kernel to infect systems, according to the Hungarian group CrySyS. An installer file for the Trojan was previously unknown, but now CrySyS and security firm Symantec are reporting that the main Duqu binaries are released onto a targeted system when a Word file containing the malware is opened. The file was specifically designed to open during an eight-day window in August.