Duqu exploits same Windows font engine patched last month, Microsoft confirms

Microsoft on Thursday confirmed that the Windows kernel vulnerability exploited by the Duqu Trojan is within the TrueType parsing engine, the same component it last patched just last month.