14 DAY TRIAL // The much awaited December security update released by Microsoft comes with 13 security bulletins that fix three critical security flaws, including the one utilized by the now infamous Duqu malware.
The manner in which TrueType fonts were handled in Windows kernel-mode drivers allowed for Duqu to make its way onto a system, permitting its master to take control of the infected device.
Another critical hole that could allow the execution of arbitrary code refers to an ActiveX issue. ActiveX kill bits are included to make sure maliciously crafted webpages and specific binary behaviors in Internet Explorer will not affect users.
Windows Media Player and Windows Media Center were also found to be vulnerable. An attacker could have taken over a machine if he managed to persuade an individual into opening a malevolent file.
The remaining 10 weaknesses, rated as important, were found in Microsoft Office, OLE, Active Directory, Windows client/server run-time subsystem, and in the Windows kernel.
The flaws found in the Office products involved some social engineering since in order for the attacker to take total control of the device he would need to convince the victim to run specially crafted Word, Excel, Publisher or PowerPoint files.
Users whose accounts were set to have fewer rights were not so exposed as of those who operated their devices with full administrative permissions.
If the latest patches are not deployed, a remote code execution is possible if an individual opens an OLE object that was created by a hacker with the intention of taking over a system.
Active Directory Application Mode (ADAM) and Active Directory Lightweight Directory Service (AD LDS) were both susceptible to an attack if a cybercriminal managed to log on to an AD domain and run a malicious element.
Finally, a cumulative security update for Internet Explorer was released to prevent users from being infected by a specially crafted DLL that was placed in the same directory as a legitimate HTML file.