Microsoft's workaround doesn't fix the vulnerability directly; it shuts off T2embed.dll instead. That shuts the door on Duqu, but also makes those fonts unavailable to apps or documents that currently assume they'll be available.
There are actually two files in the workaround: one to shut off T2embed.dll and the other to turn it back on again.
Keep in mind that Microsoft's labeling may be confusing. The first FixIt, marked "Enable" turns I the workaround, which turns off T2embed.dll.
The FixIt marked "Disable" turns off the workaround, which turns T2embed.dll back on, giving you back your fonts and making you vulnerable to the Duqu installer again.
- The first workaround Microsoft Fix It 507092 turns off the T2embed.dll The second workaround turns the True Type feature back on, in case having it shut off causes problems with your system.
- The FixIt that turns T2embed.dll and your fonts back on is number 50793.
Both are formatted in the easy-to-use Microsoft FixIt format – which automates changes to the registry, registration or deregistration of .DLLs, eliminates corrupted Registry entries and other often complex repairs.
The workarounds are quick work from Microsoft, but not a complete solution.
The Security update promises quick action and quick distribution for a final patch as well, but offered no estimate of how long the delay may be.
Read more of Kevin Fogarty's CoreIT blog and follow the latest IT news at ITworld. Follow Kevin on Twitter at @KevinFogarty. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.