The way TrueType fonts were handled in Windows kernel-mode drivers allowed Duqu to make its way onto a system, permitting its master to take control of the infected device.
Windows Media Player and Windows Media Center were also found to be vulnerable. An attacker could have taken over a machine if he managed to persuade an individual to open a malicious file.
The remaining 10 weaknesses, rated as important, were found in Microsoft Office, OLE, Active Directory, Windows client/server run-time subsystem, and in the Windows kernel.
The flaws found in the Office products involved some social engineering, since to take total control of the device the attacker would need to convince the victim to run specially crafted Word, Excel, Publisher or PowerPoint files.
Users whose accounts were set to have fewer rights were less exposed than those who operated their devices with full administrative permissions.
If the latest patches are not deployed, remote code execution is possible when an individual opens an OLE object that was created by a hacker with the intention of taking over a system.
Active Directory Application Mode (ADAM) and Active Directory Lightweight Directory Service (AD LDS) were both susceptible to an attack if a cybercriminal managed to log on to an AD domain and run a malicious element.
Finally, a cumulative security update for Internet Explorer was released to prevent users from being infected by a specially crafted DLL that was placed in the same directory as a legitimate HTML file.