Exploit:Java/CVE-2012-4681
Microsoft security software detects and removes this threat.
This threat uses a software vulnerability to download and run other files on your PC, including malware.
It runs when you visit a hacked website and you have a vulnerable version of Java. A number of legitimate websites could be hacked to unwillingly host this threat.
The following versions of Java are vulnerable:
- Oracle Java JDK and JRE 7 Update 5 and earlier
- JRE 6 Update 34 and earlier
To check if you're running a vulnerable version of Java:
- Go to the control panel (Select Start then Control Panel)
- Select Programs. If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
- On the General tab, click About to see which version of Java you have installed.
You might get a detection for this threat when you visit a website that has the malicious code, even if you're not using a vulnerable version of Java. This doesn't mean that you have been compromised; it means an attempt to hack into your PC has been made.
The vulnerability that this threat exploits is described in CVE-2012-4681.
Java/CVE-2012-4681
Exploit:Java/CVE-2012-4681 is a family of malicious Java applets that attempt to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681 is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, JRE 6 Update 34 and earlier are all vulnerable to this exploit.
Exploit:Java/CVE-2012-4681.F
Exploit:Java/CVE-2012-4681.F is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.F is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, JRE 6 Update 34 and earlier are all vulnerable to this exploit.
Exploit:Java/CVE-2012-4681.SQ
Exploit:Java/CVE-2012-4681.SQ is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.SQ is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, JRE 6 Update 34 and earlier are all vulnerable to this exploit.
Exploit:Java/CVE-2012-4681.SU
Exploit:Java/CVE-2012-4681.SU is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.SU is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, JRE 6 Update 34 and earlier are all vulnerable to this exploit.
Exploit:Java/CVE-2012-4681.GJ
Exploit:Java/CVE-2012-4681.GJ is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.GJ is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, JRE 6 Update 34 and earlier are all vulnerable to this exploit.
Exploit:Java/CVE-2012-4681.QN
Exploit:Java/CVE-2012-4681.QN is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.QN is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, JRE 6 Update 34 and earlier are all vulnerable to this exploit.
Exploit:Java/CVE-2012-4681.SS
Exploit:Java/CVE-2012-4681.SS is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.SS is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, JRE 6 Update 34 and earlier are all vulnerable to this exploit.
Exploit:Java/CVE-2012-4681.AET
Exploit:Java/CVE-2012-4681.AET is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.AET is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, JRE 6 Update 34 and earlier are all vulnerable to this exploit.
Exploit:Java/CVE-2012-4681.FX
Exploit:Java/CVE-2012-4681.FX is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.FX is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, JRE 6 Update 34 and earlier are all vulnerable to this exploit.
Exploit:Java/CVE-2012-4681.AEO
Exploit:Java/CVE-2012-4681.AEO is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.AEO is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, JRE 6 Update 34 and earlier are all vulnerable to this exploit.
Exploit:Java/CVE-2012-4681.AFB
Exploit:Java/CVE-2012-4681.AFB is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.AFB is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, JRE 6 Update 34 and earlier are all vulnerable to this exploit.
Exploit:Java/CVE-2012-4681.AFE
Exploit:Java/CVE-2012-4681.AFE is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.AFE is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, JRE 6 Update 34 and earlier are all vulnerable to this exploit.
Exploit:Java/CVE-2012-4681.AFF
Windows Defender Antivirus detects and removes this threat.
This threat uses a Java vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Java.
The following versions of Java are vulnerable:
- Oracle Java JDK and JRE 7 Update 5 and earlier
- JRE 6 Update 34 and earlier
To check if you're running a vulnerable version of Java:
- In Control Panel, double-click Programs.
- If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
- On the General tab, click About to see which version of Java you have installed.
You may get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.