Microsoft Issues Workaround for Kernel Flaw

Microsoft has issued a temporary workaround for a critical privilege elevation vulnerability in the Win32k TrueType font-parsing engine that is being exploited by the Duqu Trojan. The flaw affects all versions of Windows from XP through Windows 7. Successful exploitation of the flaw could allow attackers to “run arbitrary code in kernel mode.” The workaround involves disabling support for embedded TrueType fonts.
Microsoft plans to issue a patch for the flaw as soon as possible.

Read Microsoft’s security advisory for details:    Vulnerability in TrueType Font Parsing Could Allow Elevation of Privileges

same_strip_012513

Related Posts

The Magnificent Seven 2023

Seven Trends . . . …that small bank Information Security Officers face in 2023 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcom...
READ MORE

“Phone Phishing” – Awareness Poster (Re-release)

Another awareness poster for YOUR customers (and users). Now that we have our own employees aware, maybe it’s time to start posting content for our customers!Check out posters.infotex.com for...
READ MORE

“Strong Password Tips” – Awareness Poster

Another awareness poster for YOUR customers (and users). Now that we have our own employees aware, maybe it’s time to start posting content for our customers!Check out posters.infotex.com for...
READ MORE

infotex

MANAGING TECHNOLOGY RISK

Linkedin-in Facebook-f Youtube Twitter

SERVICES

EDUCATION

COMPANY

CONTACT

SIGN UP FOR OUR BLOG

As part of infotex‘s service to our clients, find “non-mainstream” articles about relevant security issues.

Facebook Youtube Twitter