Detect Date 11/06/2011
Class Exploit
Platform Win32

This family includes malicious code that attempts to exploit a vulnerability in the Win32 TrueType font-parsing engine of the Microsoft Windows component “Win32k.sys”. An attacker that successfully exploits this vulnerability can run arbitrary code in kernel mode.

Geographical distribution of attacks by Exploit.Win32.CVE-2011-3402 family

Geographical distribution of attacks during the period from 25 March 2019 to 25 March 2020

Top 10 countries with most attacked users (% of total attacks)

  Country Percentage of users*
1 Korea, Republic of 59.07
2 Vietnam 7.82
3 United States 4.03
4 Japan 2.88
5 Germany 2.47
6 Brazil 1.52
7 Russian Federation 1.36
8 France 1.03
9 Mexico 1.03
10 Spain 1.03

* Percentage of all unique Kaspersky users worldwide who have been attacked by this malware

Find out the statistics of the threats spreading in your region