SOFTWARE FIRM Microsoft has been blamed for letting the Duqu virus loose upon the world.
The Duqu virus was discovered earlier this month but until now no one knew how it was infecting machines. According to a report by security firm Symantec that is based on work by the Budapest-based Laboratory of Cryptography and System Security (CrySyS), it spread because of a security hole in Windows, which, let's face it, probably should not have surprised anyone.
"The installer file is a Microsoft Word document (.doc) that exploits a previously unknown kernel vulnerability that allows code execution. When the file is opened, malicious code executes and installs the main Duqu binaries," writes Symantec on its security blog. "The Word document was crafted in such a way as to definitively target the intended receiving organisation."
The attacks were well targeted, then, and Symantec says that, beyond following best practices, there were no robust workarounds for any infected organisations to turn to.
"Unfortunately, no robust workarounds exist at this time other than following best practices, such as avoiding documents from unknown parties and utilising alternative software," it adds.
"Once Duqu is able to get a foothold in an organisation through the zero-day exploit, the attackers can command it to spread to other computers." So far infections have been spotted in a handful of countries including the United Kingdom, Austria and Hungary.
Microsoft has acknowledged the problem and on Twitter its security response team says that it is looking into it. "We are working to address a vulnerability believed to be connected to the Duqu malware," it says. µ
Wow at the ignorance.
SUSE Linux 10, 3,500 vulnerabilities
Windows 2008 R2 Server, ~ 200 vulnerabilities.
(secunia.org)
So not surprisingly you are much more likely to be hacked running Linux than you are Windows:
http://www.zone-h.org/news/id/4737
Umm...it always amazes me that these outfits continue with Microsoft when its INsecurity record is so glaring and long-standing. They should've moved to a GNU/Linux or *BSD solution long ago. Well, this is an opportunity to do so.
But this is all worth it to have documents with kernel access. How else could one get such INNOVATIVE features as point and click and cut and paste?
kinda lumpy peanut butter exploit surely?