Microsoft Releases Fix it Solution for Duqu and Advanced Notification for November Bulletin

Microsoft has released  advanced notification for its November bulletin which will be released on 8th of this month.

This month will see the release of four security updates, of which one is rated critical, two are important and one is moderate. As noted in the table  below  , Bulletin 1 and 2 patches vulnerabilities that enable Remote Code Execution, while Bulletin 3 is for an Elevation of Privileges bug and Bulletin 4 is for a Denial of Service bug.


Of the four security updates, only Bulletin 3 applies to Windows XP and Server 2003. Bulletins 1, 2 and 3 apply to Windows Vista and Windows Server 2008. Interestingly, newer Operating Systems, Windows 7 and Windows Server 2008 R2 requires all four updates.

While Microsoft acknowledged zero-day vulnerability in a Windows component the Win32k TrueType font parsing engine – they did not include an update for this in this month’s Security Bulletin. Instead, they have released a Fix It solution which can be used until an update is released.

The vulnerability, which was utilized by the Duqu worm, will allow a hacker to run arbitrary code in kernel mode, thus giving him the ability to install or run software or to view/edit data. The temporary workaround for this vulnerability is to disable access to T2EMBED.DLL. The Fix it solution released by Microsoft just automates this process.

You can download the Fix it solution from here and the related security advisory can be found here.

In order to protect yourself from the zero-day attacks, make sure that you install the above mentioned updates as soon as they are released.

Stay up to date, stay safe.  

Published by

Nithin Ramesh

Nithin is a blogger and a Windows security enthusiast. He is currently pursuing Bachelors in Electronics and Communication. Apart from technology his other interests include reading and rock music. His Twitter handle is @nithinr6