Antivirus Protection & Internet Security Software
Kaspersky Lab Protects Against Duqu-originated Zero-day Vulnerability in Windows
Our security solutions are detecting the vulnerability that was used for distributing all known versions of the Duqu Trojan. Kaspersky Lab’s experts have successfully implemented protection against Trojan.Win32.Duqu.a as well as other malicious programs exploiting the CVE-2011-3402 vulnerability.
The “zero-day” type of vulnerability in question was found in the Win32k TrueType font-parsing engine; as such, the vulnerability affects various office programs. For example, a specially crafted Microsoft Word document opened on a victim’s machine can be used to elevate privileges and then run arbitrary code.
More information about the vulnerability can be found on Microsoft’s website.
Duqu FAQ. Latest update – March 27th, 2012
“The Mystery of Duqu” in blogs:
Be the first to know our news, follow Kaspersky Lab on Facebook and Twitter
Costin Raiu of Kaspersky Lab's Global Research and Analysis Team talks about the investigation into Duqu, the likelihood that it was written by the same team as Stuxnet, whether a government is behind its development and what mistakes the authors made.
Download the podcast from the Threatpost site.
The firstname.lastname@example.org e-mail is a digital hotline for those who may discover a Duqu infection on their PC. Сompanies and individuals can use it to contact Kaspersky Lab’s experts and request help in investigating an infection with Duqu.
The analysis carried out by Kaspersky Lab’s experts has proven that Duqu was used as a weapon for targeted attacks on certain businesses; as such, every single Duqu infection is no mere accident. Any infection attempt signals that it was important for cybercriminals to gain control over a certain system, so there’d be a high chance of repeated attacks using various other methods. By contacting Kaspersky Lab businesses and individuals can ensure the safety of their sensitive data.
Back to top
© 1997 – 2016 Kaspersky Lab
All Rights Reserved. Industry-leading Antivirus Software