Hackers have used a security flaw in Microsoft’s Windows operating system to infect computers with the the Duqu virus, Microsoft admits.
“We are working diligently to address this issue and will release a security update for customers,” Microsoft said in a statement.
The Duqu virus, which was discovered in October by Symantec, is thought by some experts to be the next big cyber security threat. It shares some of the code with Stuxnet, a malicious worm which targeted Iran’s nuclear program, but Duqu is specifically created for gathering intelligence data from agencies and corporations.
Microsoft’s statement did not include any additional details, but Symantec discovered that Duqu was initially infecting systems through a compromised Microsoft Word document which installs the malicious software after it’s opened.
Duqu infections have currently been confirmed in several countries, including France, Netherlands, Switzerland, India, Iran, Ukraine, Sudan and Vietnam.