Microsoft issues update to fix Duqu Trojan
SUBNET Solutions Inc | Thursday, May 10, 2012
Microsoft announced on May 8 that it had issued its May 2012 Patch Tuesday, which addressed serious flaws in Office, Windows and the .NET Framework - vulnerabilities that were exploited by the Duqu malware, TechTarget reports.
In all, Microsoft released seven bulletins deemed "critical" that were issued to repair the front-parsing code. The update is the second patch Microsoft has released since December concerning software that had been contaminated by the Duqu Trojan, a worm that has been studied by cyber security professionals since its initial appearance in October 2011.
Duqu, which displays code similar to Stuxnet, quietly gathers data on industrial systems, as opposed to the infrastructure-crippling nature of Stuxnet. Duqu was originally addressed by MS11-087, however Microsoft engineer Jonathan Ness later posted in a blog that other products had been affected, according to the news source.
The most recent fix addresses 10 vulnerabilities found in Windows Journal Viewer, Silverlight and the .NET Framework. The Duqu announcement is drawing swarms of attention due to the huge implications of the trojan and its ability to be triggered by a drive-by attack, according to Jason Miller, a vulnerability expert and manager of R&D at VMware.
"You have yourself a lot of different types of operating systems and different products that are covered inside of this. It’s going to touch a lot of different parts of the network," said Miller, adding that three of the vulnerabilities have already been publicly disclosed, upping the importance of patching necessary systems.
According to Miller, security experts will find that patching the vulnerability will come slowly, as security professionals will need to "take a look at the reports coming back on their systems and make sure you’re getting every patch. This one bulletin has over 30 patches in it."
The patch is a strong example of Microsoft's proactive approach to addressing cyber security issues. To keep up with rapidly evolving malicious software or malware, the company regularly releases updates that are designed to solve issues as they arise.
SUBNET, a Microsoft Gold Certified Partner, similarly keeps its products evolving on a constant basis to ensure the most advanced computing technologies and capabilities are being implemented. SUBNET's products and software are developed to help utilities comply with strict NERC CIP requirements, as cyber security has become one of the most pressing issues concerning the smart grid.
Substation Automation & Remote Access