Exploit:JS/CVE-2014-0322 threat description - Microsoft Security Intelligence

Summary

Windows Defender detects and removes this threat.

This threat uses a vulnerability in Internet Explorer 9 and 10 to download and run files on your PC, including other malware.

It runs when you visit a hacked or malicious website and you have a vulnerable version of Internet Explorer.

You should update to Internet Explorer 11. If you can't update Internet Explorer, apply the Microsoft Fix it described in Microsoft Security Advisory (2934088).

See the following sites for more help information:

Microsoft security advisory: Vulnerability in Internet Explorer could allow remote code execution
Security Research and Defense Blog: Fix it tool available to block Internet Explorer attacks leveraging CVE-2014-0322

The following free Microsoft software detects and removes this threat:

Microsoft Security Essentials or, for Windows 8, Windows Defender
Microsoft Safety Scanner

Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.

You can also visit the Microsoft virus and malware community for more help.

Exploit:JS/CVE-2014-0322

Summary

What to do now

Technical information

Threat behavior

Threat in context

What is an exploit?

Payload

Prevention

Symptoms