what does it mean?

https://www.virustotal.com/ru/file/e4bed491f87925104a0d21f6cfadb952eda716101051c34fa1cd407a85a4d0af/analysis/1447806690/

https://fontlibrary.org/assets/downloads/deuperset/1ced2a4eaf39534e57a0f0f457461d83/deuperset.zip >> https://www.virustotal.com/ :o

[b][i]it was necessary to update the Microsoft Font Driver >> [u]https://technet.microsoft.com/en-us/library/security/MS15-078[/u][/i][/b]

waiting for fix the virus database of Avast

Read here: https://www.avast.com/nl-nl/exploit-protection.php
An article that discribes the exploit and the impact thereof: http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-leak-uncovers-another-windows-zero-day-ms-releases-patch/

polonus

is the font and http://fontlibrary.org/ not been seen to this day in the spread of exploits :frowning:

XFilius

Message from F-Secure lab

================================
The file you submitted is clean. It is not malicious.

Me asking: So there is no exploit there? CVE-2015-2426

Yes, there is no exploit CVE-2015-2426.

https://www.virustotal.com/nb/file/e4bed491f87925104a0d21f6cfadb952eda716101051c34fa1cd407a85a4d0af/analysis/1447944694/
https://www.virustotal.com/nb/file/d4ddf04f09c4db79c3168f032fc7e86bec14faf48360be6214f58109b04a1cd8/analysis/1447944711/

What a nutcase there at F-Secure.

There sure is such a exploit:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2426

I think you are misunerstanding the answer, he did not say CVE-2015-2426 does not exist … he said the exploit is not in those files

One of the files is 2 months old at VT First submission 2015-09-18 23:02:13 UTC ( 2 months ago )
So why so few to report it?

zip file containe 8 files, only two are detected https://www.metascan-online.com/#!/results/file/6aa758025e7d48a19038a6fdaa49860a/extracted

Anyway, have sendt files to avast lab … will see what they say

Many anti-malware tools don’t check if a exploit is fixed or not.
They only detect things when the exploit actively is being abused.

Well Eddy, it seems the nutcase at F-Secure was correct, this is result from Avira lab

https://analysis.avira.com/en/status?uniqueid=Lsc2dqEOQhpAB6x4TdWrpP8hKjnpgw11&incidentid=1952788

File ID Filename Size (Byte) Result 28661650 Deuperset/Deupers...ar.eot 13.73 KB CLEAN 28661651 Deuperset/Deupers...ar.otf 11.86 KB FALSE POSITIVE 28661652 Deuperset/Deupers...ar.sfd 83.87 KB CLEAN 28661653 Deuperset/Deuper...ar.sfd~ 83.84 KB CLEAN 28661654 Deuperset/Deupers...ar.svg 28.59 KB CLEAN 28661655 Deuperset/Deupers...ar.ttf 13.55 KB FALSE POSITIVE 28661656 Deuperset/Deuper...ar.woff 4.81 KB CLEAN 28661657 Deuperset/README 1 KB CLEAN

Hello,
detection for CVE-2015-2426 will be fixed in next VPS release.

Milos