Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Exploit:W32/CVE-2011-3402.A


Aliases:


Exploit:W32/CVE-2011-3402.A
Exploit:W32/CVE-2011-3402.A

Malware
Exploit
W32

Summary

Exploit:W32/CVE-2011-3402.A is a Generic Detection that identifies malicious files which exploit a known vulnerability in various Windows operating system versions.



Disinfection & Removal


Prevention

The malicious files identified by this detection exploit a known vulnerability in specific versions of the Windows opearting system. To prevent successful exploitation, please ensure you install the latest updates available for Windows. A patch for this vulnerability was released by Microsoft in December 2011 and is available at:


Disinfection

F-Secure Anti-Virus will automatically clean the relevant files.


Suspect A False Positive?

If you suspect a file has been wrongly identified by this detection (that is, it is a False Positive), you may elect to submit a sample of the file to our Labs for further analysis via:



Technical Details

Exploit:W32/CVE-2011-3402.A is a Generic Detection that identifies malicious font files which can be used to exploit a known vulnerability in the TrueType font parsing engine on specific versions of the Windows operating system.

If successfully used, this exploit can allow execution of malicious code contained in specially crafted font data on a web page or Word document.

This exploit is known to be used by malware such as the Cool exploit kit, which is associated with distributing Reveton ransomware, and the Duqu backdoor program.







Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.