We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Exploit:SWF/Axpergle
Aliases: Angler (other)
Summary
Windows Defender detects this threat.
This threat is a detection for specially-crafted Shockwave Flash (.SWF) files that attempt to exploit software vulnerabilities in Adobe Flash Player known as part of the Angler exploit kit. We have seen this threat exploit the CVE-2014-8439, CVE-2015-0310, CVE-2015-0311, CVE-2015-0313 vulnerabilities.
It uses an Adobe Flash Player vulnerability to download and run files on your PC, including malware.
The exploit is also called Angler.
The following versions of Adobe Flash Player are vulnerable:
- Adobe Flash Player 16.0.0.296 and earlier versions
- Adobe Flash Player 13.0.0.264 and earlier 13.x versions
- Adobe Flash Player 11.2.202.440 and earlier 11.x versions
You might get an alert about this threat even if you're not using a vulnerable version of Adobe Flash Player. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.
To learn more about how this threat is being used by cybercriminals,
Use the following free Microsoft software to detect and remove this threat:
- Microsoft Defender Antivirus for Windows 10 and Windows 8.1, or Microsoft Security Essentials for Windows 7 and Windows Vista
- Microsoft Safety Scanner
- Microsoft Windows Malicious Software Removal Tool
You should also run a full scan. A full scan might find hidden malware.
Get more help
You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.
Update Adobe products
Make sure you install all available Adobe updates. You can read more about this vulnerability and download software updates from these links:
It's also important to keep your other software up to date:
Enable MAPS
Enable the Microsoft Active Protection Service (MAPS) on your system to protect your enterprise software security infrastructure in the cloud.
-
Check if MAPS is enabled in your Microsoft security product:
-
Select Settings and then select MAPS.
-
Select Advanced membership, then click Save changes. With the MAPS option enabled, your Microsoft anti-malware security product can take full advantage of Microsoft's cloud protection service.
- Join the Microsoft Active Protection Service Community.
