Microsoft Fixit for Duqu 0 day exploit

dvk01 · Nov 4, 2011

http://hijack-this.co.uk/2011/11/microsoft-fixit-for-dequ-0-day-exploit/

Temporary fixit & workaround for 0 day exploit relating to duqu malware

Fixit & unfixit here http://support.microsoft.com/kb/2639658

Advisory with manual fixes http://technet.microsoft.com/en-us/security/advisory/2639658

My considered advice is that you wont need it and you should wait until Microsoft issue a full patch
So far all attacks have been directly targetted against specific companies or Government departments, That might change as the skiddies get hold of the exploit

Using the fixit might make some applications/ word docs or websites not display correctly ( or even at all ) if they use embedded True type fonts & they havent been set to gracefully fall back on standard system fonts

If we start to see general attacks, then I will update this & suggest using the fixit

An additional workaround to prevent Websites attacking you by using embedded fonts is to set Internet Explorer font downloads to prompt instead of allow . That way you at least get an alert if a font is being downloaded and you can make an educated opinion as to whether it is likely to be malicious
Open Internet Explorer
On the Tools menu, click Options and then click the Security tab.
Select Custom and click Settings.
Scroll to the Downloads section.
Change the Font Download setting from Enable to Prompt

Click to expand...

Log in or Sign up

Microsoft Fixit for Duqu 0 day exploit

dvk01 Moderator Malware Specialist Thread Starter

Welcome to Tech Support Guy!

Fake Microsoft Support Scam Pop-Up!

Log in or Sign up

Microsoft Fixit for Duqu 0 day exploit

dvk01 Moderator Malware Specialist Thread Starter

Welcome to Tech Support Guy!

Fake Microsoft Support Scam Pop-Up!

Useful Searches