No Fix for Duqu Bug in November Microsoft Patches?

Microsoft plans on shipping four bulletins, of which only one is rated critical, in the November edition of Patch Tuesday. But it looks doubtful that the company will issue a fix for the vulnerability discovered this week being used by the Duqu installer.

Windows patchMicrosoft plans on shipping four bulletins, of which only one is rated critical, in the November edition of Patch Tuesday. But it looks doubtful that the company will issue a fix for the vulnerability discovered this week being used by the Duqu installer.

The patch is set for release on Tuesday, November 8. In addition to the one critical vulnerability mentioned above, there will be two fixes receiving important severity ratings and one with a moderate rating.

Unpatched machines will be susceptible to remote code execution, elevation of privileges, and denial of service conditions.

The affected software for all of the bugs is Microsoft Windows.

It has been reported, and verified by Microsoft for that matter, that the widely publicized Duqu malware contains a Windows zero-day. It remains unknown whether or not Microsoft will address that problem with this month’s patch. Ryan Naraine of ZDNet claims Microsoft is not expected to do so.

As always, Microsoft will host a webcast to address customer questions and concerns just after the bulletins are released.

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.