Microsoft security software detects and removes this family of threats.

This malware family looks for vulnerabilities in the following software:

  • Java Development Kit and Java Runtime Environment
  • Adobe Flash Player
  • Microsoft True Type Font

If a vulnerability is found they can then download other malware onto your PC.

You can be redirected to a malicious or compromised website that hosts this threat as you browse the Internet or when you click a link in a spam email.

Our exploits page explains more about this type of threat.

What to do now

You might get an alert about this threat even if you're not using vulnerable software. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find other, hidden malware.

Update Java

Make sure you install all available Java updates. You can read more about this vulnerability and download software updates from these links:

You should remove older versions of Java, as keeping old and unsupported versions of Java on your PC is a serious security risk:

If you continue to get alerted about this threat, deleting your temporary Java files can help:

It's also important to keep your other software up to date:

You can read about the Microsoft True Type Font vulnerability in Microsoft Security Advisory 2639658.

Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Threat behavior

JS/Anogre is a detection for the JavaScript components of the "SweetOrange" exploit kit. This exploit kit can exploit vulnerabilities in Java, Adobe Flash Player and Microsoft True Type font.

The threat checks for the following vulnerabilities:

This list of software vulnerabilities exploited by JS/Anogre is not exhaustive.

If JS/Anogre is successful in its exploit attempt it will then attempt to download more malware onto your PC.

Analysis by Methusela Cebrian Ferrer


Alerts from your security software may be the only symptom.


Alert level: Severe
This entry was first published on: Jul 14, 2014
This entry was updated on: Sep 16, 2014

This threat is also detected as:
No known aliases