Microsoft Fixit for Duqu 0 day exploit

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

dvk01

Derek
Thread Starter
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
http://hijack-this.co.uk/2011/11/microsoft-fixit-for-dequ-0-day-exploit/

Temporary fixit & workaround for 0 day exploit relating to duqu malware

Fixit & unfixit here http://support.microsoft.com/kb/2639658

Advisory with manual “fixes” http://technet.microsoft.com/en-us/security/advisory/2639658

My considered advice is that you won’t need it and you should wait until Microsoft issue a full patch
So far all attacks have been directly targetted against specific companies or Government departments, That might change as the skiddies get hold of the exploit

Using the fixit might make some applications/ word docs or websites not display correctly ( or even at all ) if they use embedded True type fonts & they haven’t been set to gracefully fall back on standard system fonts

If we start to see general attacks, then I will update this & suggest using the fixit

An additional workaround to prevent Websites attacking you by using embedded fonts is to set Internet Explorer font downloads to prompt instead of allow . That way you at least get an alert if a font is being downloaded and you can make an educated opinion as to whether it is likely to be malicious
•Open Internet Explorer
•On the Tools menu, click Options and then click the Security tab.
•Select Custom and click Settings.
•Scroll to the Downloads section.
•Change the Font Download setting from Enable to Prompt
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top