Microsoft patches critical Windows 7 flaw, but no word on Duqu
By Chris Taylor
09/11/2011
Microsoft has issued patches for one critical and three less serious flaws for Windows 7, but the Duqu exploit remains at large, reports CNet.com.
Tackling the most serious first, the firm said that the MS11-083 update addresses a vulnerability in the TCP/IP stack for the Windows 7, Vista and Server 2008 operating systems.
Without patching, it could allow an attacker to remotely hijack a computer by sending a flood of packets to a UDP port not in use by a local service, said Microsoft in its security bulletin.
"Since this vulnerability does not require any user interaction or authentication, all Windows machines, workstations and servers that are on the internet can be freely attacked," explained security expert Amol Sarwate of Qualys.
"The mitigating element here is that the attack is complicated to execute, and Microsoft has given it an exploitability index of '2,' meaning that the exploit code is inconsistent, but otherwise this has all the required markings for a big worm," he added.
Next it addressed vulnerabilities in Windows Mail and Windows Meeting; issues which should similarly be patched instantly for those using patch management software.
These flaws could trick systems into running random code if a user were to open a file located in the same directory as a malicious dynamic link library (DLL), Microsoft said.
Regarding the final patch, ComputerWorld.com says that while Duqu - a virus that could allow full remote read, write and delete access - remained unfixed, it did address a different flaw in the TrueType font parsing engine, the component targeted by the trojan's attacks.
