Microsoft Issues Security Fix to Address Trojan Duqu
In its security update for May 2012 via the usual Patch Tuesday cycle, Microsoft repaired vulnerabilities within Windows, .Net Framework and Office, releasing an amalgamated update for fixing the font-parsing program that the Duqu Trojan exploited namely MS12-034, published searchsecurity.techtarget.com dated May 8, 2012.
As for the security fixes, Microsoft Security Response Center (MSRC) Engineering's Jonathan Ness stated that the assault against Office brought about with the Duqu had been addressed through the MS11-087 update. Though Duqu now couldn't exploit the flaw anymore, the Engineering team desired for being certain in taking care of the flawed program anytime it emerged on the Microsoft program environment, Ness assured. Softpedia.com published this on May 9, 2012.
Ness continued that to materialize the MSRC Engineering's plan, the latter in collaboration with Microsoft Research had been preparing a "Cloned Code Detection" mechanism, which could be executed for each of the MSRC instances for detecting every event wherein the vulnerable program got shipped with software. The mechanism happened to be that, which detected multiple replicas of CVE-2011-3402, which were being taken care of with the MS12-034 patch.
Forensic and Security Analyst Paul Henry at Lumension stated that among all the updates, the MS12-034 was the most intriguing. It apparently showed Microsoft's intensive effort towards fixing problems with TTF (True Type Font). The TTF problem, in December 2011, related to the Duqu Trojan, he recalled. Scmagazineuk.com published this on May 9, 2012.
Further, in the words of Technical Manager Tyler Reguly for Security, Research and Development in nCircle, the majority of IT security groups found MS12-034 utterly painful. And because the bulletin had products overlapping each other, patches were many, for .NET and Office, he added. Scmagazineuk.com published this.
Moreover, alongside the above security flaws, one more vital bulletin addressed flaws inside Visio Viewer 2010 whose successful exploitation enabled to run malware remotely provided end-users viewed one contaminated Visio file, the software giant outlined.
Conclusively, users are urged towards deploying the most recent patches without delay towards safeguarding their computers. Accordingly, they may download the patches from the Microsoft websites for Windows Update and Update, states the company.
Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails
» SPAMfighter News - 19-05-2012