We just released our KV2011 virus definition update for Nov 6th. This update
involves the detection logic for CVE-2011-3402,
which is a 0-day Windows vulnerability that can lead to remote code execution
or local privilege elevation.
According to Security Advisory (2639658), CVE-2011-3402 is related to the Win32k TrueType
font parsing engine. It has already been seen “in the wild” as an attack
vector of the Duqu malware.
We strongly recommend that KV2011 users update their virus definitions immediately. If
you are not using KV2011, here’s the download link for the 32-bit and 64-bit installers.