Microsoft Issues Workaround for Kernel Flaw

Microsoft has issued a temporary workaround for a critical privilege elevation vulnerability in the Win32k TrueType font-parsing engine that is being exploited by the Duqu Trojan. The flaw affects all versions of Windows from XP through Windows 7. Successful exploitation of the flaw could allow attackers to “run arbitrary code in kernel mode.” The workaround involves disabling support for embedded TrueType fonts.
Microsoft plans to issue a patch for the flaw as soon as possible.

Read Microsoft’s security advisory for details:    Vulnerability in TrueType Font Parsing Could Allow Elevation of Privileges

same_strip_012513

Related Posts

Considerations – Why you should choose infotex, Inc. as your next MSOC!

Reasons why we should be considered! infotex provides a number of services that can be checked out if you click over to offerings.infotex.com! We even made a movie with all the reasons why infotex...
READ MORE

The Magnificent Seven 2023

Seven Trends . . . …that small bank Information Security Officers face in 2023 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcom...
READ MORE

infotex

MANAGING TECHNOLOGY RISK

Linkedin-in Facebook-f Youtube Twitter

SERVICES

EDUCATION

COMPANY

CONTACT

SIGN UP FOR OUR BLOG

As part of infotex‘s service to our clients, find “non-mainstream” articles about relevant security issues.

Facebook Youtube Twitter