The big zero-day exploit on everyone’s mind is Duqu, or “son of Stuxnet” – but researchers don’t expect Microsoft to include a patch for it in next week’s Patch Tuesday. Instead, a manual fix could be out as soon as this week.CHART: Duqu Malware Exploits Windows Zero-Day Kernel Bug, Attacks Via Word Document“While many dispute the threat imposed by this bug, no one disputes the risk of the Day Zero Vulnerability in Microsoft software that it takes advantage of. The vulnerability is exploited through a malicious Word document – when the user opens the document, a Zero Day Kernel Vulnerability is taken advantage of to execute malicious code. Microsoft did not issue a patch this cycle but an advisory will likely be released today or tomorrow with a link to a ‘Fix It’ hot fix. This means that user intervention will be required, as a hot fix cannot be pushed out to the entire network,” says Paul Henry, security and forensic analyst for patch vendor Lumension.Duqu is worrisome because it installs a keystroke logger and then can replicate itself, even across secure networks, using the passwords obtained. It communicates with other servers across the Internet, giving hackers access. The malware will remove itself after 30 days. The Microsoft Security team has been mostly mum on Duqu, with the exception of acknowledging the threat in a tweet Tuesday that simply said, “We are working to address a vulnerability believed to be connected to the Duqu malware.”So far it has issued no advisory. At least some of the security team have been aware of the threat for a while. On Oct. 18, Terry Zink, a program manager for Microsoft Forefront Online Security, blogged about Duqu and its possible relationship to Stuxnet. If not Duqu, Microsoft will be fixing other issues with Windows in Tuesday’s crop of fixes, with four patches total, one critical, two important and one moderate. The critical patch affects all versions of Windows, client and server, including Windows Server (even Server Core).Julie Bort is the editor of Network World’s Microsoft Subnet and Open Source Subnet communities. She writes the Microsoft Update and Source Seeker blogs. Follow Bort on Twitter @Julie188.Read more about wide area network in Network World’s Wide Area Network section. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe