Follow:

 

Exploit:HTML/Fashack.G


Microsoft security software detects and removes this threat.

This threat uses vulnerabilities in Adobe Flash Player, Oracle Java and Silverlight to install malware on your PC.

You might encounter it when you visit compromised or malicious websites.

Find out ways that malware can get on your PC.  



What to do now

The following free Microsoft software detects and removes this threat:

Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.

Update software

This threat can download malware if software on your PC isn't updated regularly.

Make sure you update all of the software on your PC.

Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Threat behavior

Payload

Exploits vulnerabilities in Adobe Flash Player, Oracle Java, and Silverlight

The threat tries to exploit the following vulnerabilities:

  • CVE-2013-2460, which affects versions of Java 7 Update 21 and earlier
  • CVE-2013-0074, which affects Silverlight version 5 and earlier
  • CVE-2014-0497, which affects Adobe Flash Player version  11.7.700.261 and 11.8.x through 12.0.x, before 12.0.0.44

Downloads malware

If the threat successfully exploits a vulnerability, it tries to download malware onto your PC. We have seen it try to download the following threats:

Additional information

This threat is part of the exploit kit called "FlashPack". See our page on exploits for more information.

Analysis by Chun Feng


Symptoms

Alerts from your security software may be the only symptom.


Prevention


Alert level: Severe
First detected by definition: 1.169.2578.0
Latest detected by definition: 1.169.2578.0 and higher
First detected on: Apr 14, 2014
This entry was first published on: May 14, 2014
This entry was updated on: May 14, 2014

This threat is also detected as:
No known aliases