Coverage Information for Microsoft Security Advisory (2639658)



Category: Uncategorized
 Tags:

Summary

Microsoft has published a Security Advisory (“Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege”, CVE-2011-3402) regarding a vulnerability in Microsoft Windows operating systems that can allow an attacker to craft a malicious TrueType font that can result in the execution of arbitrary code in kernel mode.

Complete information from Microsoft is available at http://technet.microsoft.com/en-us/security/advisory/2639658.

Coverage Information

Palo Alto Networks content update version 275 (released 11/8/11) provides signature-based detection of attempted exploitation of the vulnerability described in this Microsoft Security Advisory.

The following signatures have been added to detect exploitation of this vulnerability:

Severity ID Name CVE Default action
critical 34517 Microsoft TrueType Font Rendering Memory Corruption Vulnerability CVE-2011-3402 alert
critical 34518 Microsoft TrueType Font Rendering Memory Corruption Vulnerability CVE-2011-3402 alert

Palo Alto Networks customers with a Threat Prevention subscription are advised to verify that they are running the latest content version on their devices.  If you have any questions about coverage for this advisory, please contact support.

Revision History

11/9/11 – Advisory posted

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.


© 2018 Palo Alto Networks, Inc. All rights reserved.