Microsoft reveals flaw Duqu exploits, issues awkward workaround

Quick-fix shuts off Duqu installer, but turns off some fonts, too. Real patch still on the way

By  

Microsoft's workaround doesn't fix the vulnerability directly; it shuts off T2embed.dll instead. That shuts the door on Duqu, but also makes those fonts unavailable to apps or documents that currently assume they'll be available.

There are actually two files in the workaround: one to shut off T2embed.dll and the other to turn it back on again.

Microsoft Duqu Installer FixIt Workarounds:

Keep in mind that Microsoft's labeling may be confusing. The first FixIt, marked "Enable" turns I the workaround, which turns off T2embed.dll.

The FixIt marked "Disable" turns off the workaround, which turns T2embed.dll back on, giving you back your fonts and making you vulnerable to the Duqu installer again.

Both are formatted in the easy-to-use Microsoft FixIt format – which automates changes to the registry, registration or deregistration of .DLLs, eliminates corrupted Registry entries and other often complex repairs.

The workarounds are quick work from Microsoft, but not a complete solution.

The Security update promises quick action and quick distribution for a final patch as well, but offered no estimate of how long the delay may be.

Read more of Kevin Fogarty's CoreIT blog and follow the latest IT news at ITworld. Follow Kevin on Twitter at @KevinFogarty. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness