We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Exploit:Win32/CVE-2013-3660
Aliases: No associated aliases
Summary
Windows Defender detects and removes this threat.
This threat uses a Microsoft vulnerability to escalate the privilege of a running process. The vulnerability is called CVE-2013-3660 or the "Win32k.sys Elevation of Privilege Vulnerability".
You can read more and apply updates to prevent exploiting this vulnerability in Microsoft Security Bulletin MS13-053.
The threat will work if you have one of the following vulnerable versions 32-bit Windows:
- Windows 8.1
- Windows 8
- Windows 7 SP1
- Windows Vista SP2
- Windows RT 8.1
- Windows RT
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2008 SP2
- Windows Server 2008 R2 SP1
- Windows Server 2003 SP2
You may get an alert about this threat even if you're not using a vulnerable version of the application. This is because we detect when a website or file tries to use the vulnerability, even if it isn't successful.
Use the following free Microsoft software to detect and remove this threat:
- Microsoft Defender Antivirus for Windows 10 and Windows 8.1, or Microsoft Security Essentials for Windows 7 and Windows Vista
- Microsoft Safety Scanner
You should also run a full scan. A full scan might find other hidden malware.
Update your software
It's important to keep your software up to date:
Get more help
You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.
If you’re using Windows XP, see our Windows XP end of support page.
