Duqu worm looms as 'next big cyber threat'
(Read article summary)The Duqu computer worm wiggled into the spotlight late last month. Here's what you can do to make sure Duqu doesn't infect your machine.
According to a new report, Duqu, a computer worm first detected late last month, may be using a hole in the Windows operating system to spread from machine to machine. Over at Symantec, Vikram Thakur identifies the Duqu installer file as a simple Word document, which, once downloaded, allows the Duqu worm to wiggle its way deep into your hard drive.
"The installer file is a Microsoft Word document (.doc) that exploits a previously unknown kernel vulnerability that allows code execution," Thakur wrote yesterday on the Symantec site. "We contacted Microsoft regarding the vulnerability and they're working diligently towards issuing a patch and advisory. When the file is opened, malicious code executes and installs the main Duqu binaries."
Translation: Open the file, and lose control of your machine. Thakur says that Duqu infections have been reported by six unnamed organizations in eight countries, including France, Netherlands, Switzerland, India, and Ukraine. Meanwhile, security vendors in the United Kingdom have also reported possible Duqu infections. Duqu, Reuters notes today, may be the "next big cyber threat."
