Hard to fully assess Duqu threat yet, researchers say

21.10.2011

After first claiming it knew of a "handful of instances" where ICS systems in Europe were infected with Duqu, Symantec now says only that "at least one" case has been confirmed.

The data from Symantec is simply not enough to determine the seriousness of the threat posed by Duqu, said Richard Bejtlich, chief security officer at security vendor Mandiant.

"If there were no explicit linkages to Stuxnet this wouldn't be a story at all," he said. "Similar code that does similar activity would not leap off the pages."

While many security pros have called Duqu the 'Son of Stuxnet,' the only known linkage is the shared code, Bejtlich said.

"I think it is a little bit sensational," Bejtlich said. "To me the fact that someone may have copied or reused parts of Stuxnet code is interesting," but experts need more information to determine Duqu's true capabilities.