This threat uses a Microsoft vulnerability to escalate the privilege of a running process. The vulnerability is called CVE-2013-3660 or the "Win32k.sys Elevation of Privilege Vulnerability".

You can read more and apply updates to prevent exploiting this vulnerability in Microsoft Security Bulletin MS13-053.

The threat will work if you have one of the following vulnerable versions 32-bit Windows:

• Windows 8.1
• Windows 8
• Windows 7 SP1
• Windows Vista SP2
• Windows RT 8.1
• Windows RT
• Windows Server 2012
• Windows Server 2012 R2
• Windows Server 2008 SP2
• Windows Server 2008 R2 SP1
• Windows Server 2003 SP2

You may get an alert about this threat even if you're not using a vulnerable version of the application. This is because we detect when a website or file tries to use the vulnerability, even if it isn't successful.