The odds are that Microsoft will not patch next week the Windows kernel bug that the Duqu remote-access Trojan exploits to install itself on targeted computers, a researcher said recently.


"Likely not," said Andrew Storms, director of security operations at nCircle Security, when asked what chance he gave Microsoft of fixing the flaw Nov. 8, this month's regular Patch Tuesday.


"I thought we would see an advisory now or after today, but patching next week would really be pushing it for Microsoft," said Storms.


He based his assumption on Microsoft's seemingly reactive response to the news now coming from Symantec, which said that further analysis showed the Duqu malware is installed after a Windows kernel bug is exploited.


"If Microsoft had had data on this early, it would have been quicker with either a patch or an advisory," said Storms. "They are in response mode now, and likely working up an advisory."

Storms took a stab at what the advisory will contain.


"They will probably recommend filtering Word files, and using tools to convert older files to the newer file format," said Storms.


According to Symantec, the Duqu samples it has obtained rely on a malformed Word file to deliver the kernel exploit.


Duqu, which Symantec first publicized last month, was characterized by the security firm as a possible precursor to the next Stuxnet, the ultra-sophisticated worm that last year was pegged as an attack tool aimed at Iran's nuclear program.


Some analysts, however, have disagreed, and have dismissed the view that Duqu can be reliably linked to Stuxnet. Now, Storms said that the hackers' exploitation of the Windows kernel vulnerability reinforces the latter idea.


"They are using it to deploy the Trojan," said Storms, pointing to Symantec's description and accompanying diagram of Duqu's infection process. "That tells me Duqu may not be such a sophisticated attack."


Leveraging kernel vulnerabilities -- which generally let attackers gain the privileges needed on the targeted computer to install additional malware -- is "pretty usual," said Storms.


Microsoft has patched scores of kernel vulnerabilities this year, including a whopping 30 in April 2011 alone.


"Microsoft is cooperating with our partners to provide protections for a vulnerability used in targeted attempts to infect PCs with the Duqu malware," said Jerry Bryant of the Microsoft Trustworthy Computing group, in an email. "We are working diligently to address this issue and will release a security update for customers through our security bulletin process."


A Microsoft spokeswoman later declined to comment on when the company would patch the kernel vulnerability.