Skip to main content

Microsoft Patch Tuesday Fixes Critical Windows 7 Bug, Leaves Out Duqu Zero-Day

Microsoft provided four security updates to cure four Windows vulnerabilities that mostly effect Windows Vista and Windows 7, the newest versions of the operating system, but somehow missed out on the zero-day vulnerability that is exploited by Duqu.

Out of the four only one update has been rated as "critical" and this is most-serious ranking of threat by Microsoft.

Two updates have been marked as "important" and the last one is identified as "moderate". As per expectations Microsoft did not provide any patch for Windows kernel vulnerability which was exploited by the Duqu Trojan campaign.

The most important update MS 10-083, patches the bug present in Windows Vista, Windows 7 and also TCP/IP stack of Server 2008 that regulates internet connectivity. The attacker can use this vulnerability to infect and hijack any unpatched PC, Microsoft stated.

Director of security operations at nCircle Security, Andrew Storms, said, "This critical bug allows an attack via the network, and looks troublesome at first glance.....But it doesn't look very easy to pull off, so in this case, it's not as big a concern as one would think." reported by Computer World (opens in new tab).

On the unpatched Duqu exploited bug, researchers noted that even though Microsoft did not patch it, they did fix another flaw which is a component targeted by Trojan.

Ravi Mandalia
Contributor

Ravi Mandalla was ITProPortal's Sub Editor (and a contributing writer) for two years from 2011. Based in Ahmedabad, India, Ravi is now the owner and founder of Parity Media Pvt. Ltd., a news and media company, which specializes in online publishing, technology news and analysis, reviews, web site traffic growth, web site UI. Ravi lists his specialist subjects as: Enterprise, IT, Technology, Gadgets, Business, High Net Worth Individuals, Online Publishing, Advertising, Marketing, Social Media, News, Reviews, Audio, Video, and Multi-Media. He has also previously worked as Dy. Manager - IT Security at (n)Code Solutions.