Security 10816 Published by

Microsoft has released a workaround for the Windows kernel zero-day vulnerability exploited by the Duqu malware



From Threatpost:
In an advisory issued Thursday night, Microsoft security officials said that the flaw is in the TrueType font parsing engine in Windows. This is the first time that the exact location and nature of the flaw has been made public. Microsoft said that the permanent fix for the new vulnerability will not be ready in time for next week's November patch Tuesday release. The FixIt tool that Microsoft released Thursday automatically applies the workaround that the company suggests in its security advisory on the Windows kernel flaw.
  Microsoft Releases Workaround For Kernel Flaw Used By Duqu