Windows Defender detects and removes this threat.

This threat uses a vulnerability in your software to download other malware.

It runs when you visit a hacked website and you have a vulnerable version of Java installed on your PC. A number of legitimate websites could be hacked or unwillingly host this threat.

The following versions of Java are vulnerable:

• Oracle Java SE and Java for Business 6 Update 18 and earlier

To check if you're running a vulnerable version of Java:

1. Go to the control panel (Select Start then Control Panel)
2. Select Programs. If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
3. On the General tab, click About to see which version of Java you have installed.

You might get a detection for this threat if you visit a website that has the malicious code, even if you're not using a vulnerable version of Java. This doesn't mean that you have been hacked; it means someone has tried to hack into your PC.

The vulnerability that this threat exploits is described in CVE-2010-0840.

Exploit:Java/CVE-2010-0840.NT is a malicious Java applet that exploits a vulnerability of privilege escalation in JRE (Java Runtime Environment) versions 5 and 6 as described in CVE-2010-0840. The Java exploit is a component of the "Blackhole" exploit pack and is hosted on compromised web sites.

Exploit:Java/CVE-2010-0840.EX is the detection for a malicious and obfuscated Java class that exploits the vulnerability described in CVE-2010-0840. Successful exploitation may lead to the download and execution of arbitrary files within the user's security context.

Exploit:Java/CVE-2010-0840.DV is the detection for a malicious and obfuscated Java class that exploits the vulnerability in Java described in CVE-2010-0840. Successful exploitation leads to remote code execution.

Exploit:Java/CVE-2010-0840.LE is a variant of Exploit:Java/CVE-2010-0840 - a detection for malicious Java applets that exploit the vulnerability described in CVE-2010-0840. Successful exploitation may lead to remote code execution.

Exploit:Java/CVE-2010-0840.ED is the detection for a trojan Java applet that exploits a vulnerability described in CVE-2010-0840. Successful exploitation may lead to the downloading and execution of arbitrary files under the user's security context.

Exploit:Java/CVE-2010-0840.OS is a detection for a family of malicious Java applet trojans that exploit a vulnerability described in CVE-2010-0840.OS. The exploit is triggered when a user visits a website, containing the malicious applet, from a computer that is running a vulnerable version of Java.

Exploit:Java/CVE-2010-0840.HH is the detection for a malicious and obfuscated Java class that exploits a vulnerability described in CVE-2010-0840. Successful exploitation may lead to the downloading and execution of arbitrary files under the user's security context.

Exploit:Java/CVE-2010-0840.DR is a detection for a malicious and obfuscated Java class that exploits the vulnerability described in CVE-2010-0840. Successful exploitation leads to remote code execution.