The director of security operations at nCircle Security thinks that Microsoft will not release a patch this month’s Patch Tuesday to fix a kernel bug that aids the Duqu’s infection process.
Read the full story here:
http://www.computerworld.com/s/article/9221373/Mic…t_week
According to Symantec, malformed Word documents can lead to a kernel bug which in turn helps attackers deploy Duqu. Such kernel vulnerabilities would typically allow attackers to gain access to install additional malware. This is quite common according to Symantec and may indicate that Duqu is not so sophisticated after all.
So far, Microsoft has released the following information about Duqu’s infection: