Microsoft has issued a temporary fix to the pernicious Duqu virus — also known as "Son of Stuxnet" — which could affect users of Windows XP, Vista, Windows 7 as well as Windows Server 2008.
The company promised the security update earlier this week as it races to deal with the virus, which targets victims via email with a Microsoft Word attachment. The virus is not in the email, but in the attachment itself. A Symantec researcher said if a user opens the Word document, the attacker could take control of the PC, and nose around in an organization's network to look for data, and the virus could propagate itself.
To learn whether your computer could be at risk, visit Microsoft's security page, and get the temporary fix here. The company said it is also working on a "high-quality security update to address" Duqu. (Msnbc.com is a joint venture of Microsoft and NBCUniversal.)
"The security advisory provides a workaround that can be applied to any Windows system," wrote Jerry Bryant of Microsoft's Trustworthy Computing Group on the company's blog. "To make it easy for customers to install, we have released a Fix it that will allow one-click installation of the workaround and an easy way for enterprises to deploy."
Security researchers became aware of Duqu in October when Symantec said it had found a virus that contained code similar to Stuxnet, a piece of malicious software believed to have wreaked havoc on Iran's nuclear program.
Symantec's Vikrum Thakur told Red Tape's Bob Sullivan last month that the authors of the virus are brilliant and mean business, and that Duqu may be looking to gather intelligence as a precursor to a future industrial-strength attack on infrastructure computers.
"There is a common trait among the (computers) being attacked," Thakur said. "They involve industrial command and control systems."
Microsoft, in its posting Thursday night, said that, if successful, the Duqu attacker could "install programs; view, change, or delete data; or create new accounts with full user rights. "
Despite the dangers, right now Microsoft believes "the risk for customers remains low."
However, Bryant wrote, "that is subject to change, so we encourage customers to either apply the workaround or ensure their anti-malware vendor has added new signatures based on the information we’ve provided them to ensure protections are in place for this issue."
- Microsoft software bug linked to 'Duqu' virus
- Same authors created malware that infected nuclear facilities?
- Windows XP turns 10, still thrives
- Red Tape: 'Son of Stuxnet' virus could be used to attack critical computers worldwide