Exploit:JS/Blacole.AR
Exploit:JS/Blacole.AR is the detection for malicious JavaScript that loads a series of other exploits that are distributed as components of the "Blackhole kit". If the computer runs a vulnerable version of certain software and exploitation is successful, various malware may be downloaded.
Exploit:Java/CVE-2011-3544.BU
Exploit:Java/CVE-2011-3544.BU is a detection for the obfuscated Java applet stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in a Java Runtime Environment (JRE) component in Oracle, JAVA SE JDK and JRE 7, 6 update 27 and earlier. The vulnerability, discussed in CVE-2011-3544, allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to run arbitrary Java code outside of the "sandbox" environment.
Exploit:Java/Blacole.CY
Exploit:Java/Blacole.CY is malicious Java code that exploits a vulnerability that allows the execution of arbitrary code. The vulnerability is further described in CVE-2010-0840; successful exploitation may lead to remote code execution.
Exploit:JS/Colkit.A
Microsoft security software detects and removes this threat.
This malicious JavaScript code can use vulnerable versions of Java, Adobe Reader, and Adobe Flash to load other malware onto your computer.
You can be infected with this threat if you visit a malicious or compromised webpage.
Exploit:Java/Blacole.D
Exploit:Java/Blacole.D is a Java Class module that is included in a JAR file. It is part of the 'Blackhole' exploit kit, described in CVE-2010-0840.
Exploit:Java/Blacole.W
Exploit:Java/Blacole.W is the detection for the Java class module included in "worms.jar" that is part of the "Blackhole" exploit pack. The file "worms.jar" is an applet that exploits the vulnerability in Java Runtime Environment described in CVE-2010-0840.
Exploit:JS/Blacole.AD
Exploit:JS/Blacole.AD is a malicious JavaScript that attempts to exploit several vulnerabilities in Adobe Acrobat and Reader. If the exploit is successful in compromising a vulnerable host, it could result in downloading and executing other malware. Exploit:JS/Blacole.AD is a component of an exploit kit that is distributed as the "Blackhole exploit pack".
Exploit:Java/CVE-2012-5076.GAA
Exploit:Java/CVE-2012-5076.GAA is a malicious Java applet that attempt to exploit a vulnerability (CVE-2012-5076) in the Java Runtime Environment (JRE) in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-5076.GAA is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
The following versions of Java are vulnerable to this exploit:
JDK and JRE 7 Update 7 and earlier
Steps you can take
The nature of this threat means that you may need to take some steps to prevent being vulnerable from this, and similar exploits. We suggest you:
For detailed information about these steps, please see the Additional removal instructions below.
Exploit:Java/CVE-2011-3544.A
Exploit:Java/CVE-2011-3544.A is a malicious Java applet stored within a Java Archive (.JAR) file. It attempts to exploit a vulnerability in the Java Runtime Environment (JRE) component in Oracle JAVA SE JDK and JRE 7, 6 Update 27 and earlier. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to run arbitrary Java code outside of the "sandbox" environment.
More information about the vulnerability is available in the following articles:
Exploit:Win32/CVE-2015-2426
Windows Defender detects and removes this threat.
This is a maliciously-constructed Open Type font which is used to exploit the OpenType Font Driver Vulnerability - CVE-2015-2426.
It affects the following Windows versions:
- Windows Vista SP2
- Windows Server 2008 SP2 and R2 SP1
- Windows 7 SP1
- Windows 8
- Windows 8.1
- Windows Server 2012 and R2
- Windows RT 8.1
- Windows 10