CrySyS said its toolkit, which includes four command-line-executable components, intentionally includes "very simple, easy-to-analyze program source code. To check that there is no backdoor or malicious code inside." That way, potential users can easily validate the source code before using it in highly specialized environments.
To date, Microsoft has detailed a workaround for the zero-day vulnerability that researchers unearthed in the Duqu source code, which involves a font parsing flaw in the TrueType engine in 32-bit versions of Windows. That vulnerability would have helped the malware to spread and infect its target without being detected. But Microsoft has yet to issue a patch that fixes the flaw exploited by Duqu.