Qualys Blog

www.qualys.com
wkandek

On the Microsoft Duqu Advisory – time to act yet ?

Last week Microsoft published advisory 2639658 for a new 0-day vulnerability in Windows' embedded font processing. The vulnerability now tagged as CVE-2011-2043 has been used in the infection vector for the recently discovered DuQu Malware.

Rodrigo Branco, our Director of Vulnerability and Malware Research just returned from the Microsoft BlueHat conference in Seattle with additional information on the behaviour of the vulnerability. Watch our conversation for further insight on the existing workarounds, their impacts and the current urgency to deploy them.

http://youtu.be/kE9fnQHTP2A

Leave a Reply