

3 Kb


This exploit is used to install files related to Duqu. If Bitdefender detects malware under any of the following detection names, it is highly probable that the user is vulnerable to Exploit.CVE-2011-3402.Gen:

Rootkit.Duqu.A, Trojan.Duqu.A, Trojan.Duqu.B, Trojan.Duqu.C

Removal instructions:

Please let Bitdefender disinfect your files.

Analyzed By

Stefan Dragan

Technical Description:


This is a generic detection for malicious TTF (TrueType font) files that exploit the CVE-2011-3402 vulnerability in the Microsoft Windows driver "win32k.sys".

Successful exploitation of this vulnerability allows an attacker to execute malicious code with elevated privileges on a user's computer. The attacker may therefore gain full access to the user's private data and installed programs, and be able to install or run any malicious program.

This exploit is currently used in targeted attacks to install a rootkit for the Duqu malware. Bitdefender detects the rootkit as Rootkit.Duqu.A.