Exploit.CVE-2011-3402.Gen
First posted on 21 November 2011.
Source: BitDefender
Aliases :
There are no other names known for Exploit.CVE-2011-3402.Gen.
Explanation :
This is a generic detection for malicious TTF (TrueType font) files that exploit the CVE-2011-3402 vulnerability in the Microsoft Windows driver "win32k.sys".
Successful exploitation of this vulnerability allows an attacker to execute malicious code with elevated privileges on a user's computer. The attacker may therefore gain full access to the user's private data and installed programs, and be able to install or run any malicious program.
This exploit is currently used in targeted attacks to install a rootkit for the Duqu malware. Bitdefender detects the rootkit as Rootkit.Duqu.A.
Last update 21 November 2011