Navigation


Content

Microsoft Fix it 50792 protects from Duqu exploit

Author: .


Posted:
2011-11-04 @ 09:12:22
sec_bug

Microsoft has released a Fix it Tool 50792 that protects Windows users from embedded font vulnerability used in the infamous Duqu malware.

Because Microsoft will not patch the vulnerability in the upcoming Patch Tuesday release for November, 2011, it is strongly recommended to apply the manual fix at http://support.microsoft.com/kb/2639658.

The fix merely denies access to T2embed.dll file that contains a vulnerability allowing to take complete control over a Windows computer using a maliciously crafted TrueType font file. While this might cause a few problems displaying fonts correctly, it still is a working protection from the zero-day flaw.
The security bug affects all versions of Windows.

Users should click the Fix it button in the Enable section on the Microsoft page to download and apply the fix. Restart is not required.
Those who experience serious problems with embedded fonts after this, can click the button in the Disable section to undo the fix.
Microsoft Security Advisory: Vulnerability in TrueType font parsing could allow elevation of privileges

Related articles at www.winhelp.us:


Please support winhelp.us:
No PayPal account required!
Share: Facebook Google+ Twitter LinkedIn StumbleUpon Pinterest E-mail

Browser and plugin check Google Custom Search Donate to keep this site running