Microsoft Fix it 50792 protects from Duqu exploit

Author: , posted: @ 09:12:22

Microsoft has released a Fix it Tool 50792 that protects Windows users from embedded font vulnerability used in the infamous Duqu malware.

Because Microsoft will not patch the vulnerability in the upcoming Patch Tuesday release for November, 2011, it is strongly recommended to apply the manual fix at

The fix merely denies access to T2embed.dll file that contains a vulnerability allowing to take complete control over a Windows computer using a maliciously crafted TrueType font file. While this might cause a few problems displaying fonts correctly, it still is a working protection from the zero-day flaw.
The security bug affects all versions of Windows.

Users should click the Fix it button in the Enable section on the Microsoft page to download and apply the fix. Restart is not required.
Those who experience serious problems with embedded fonts after this, can click the button in the Disable section to undo the fix.
Microsoft Security Advisory: Vulnerability in TrueType font parsing could allow elevation of privileges

Related articles at

Return to Blog entries Stay up to date with RSS feed.


Latest entries