Exploit:Java/CVE-2010-0840

(?)

Encyclopedia entry
Updated: Sep 28, 2011 | Published: Sep 28, 2011

Aliases

EXP/CVE-2010-0094.F.67

Avira

Exploit.CVE2010-0840.2 (Dr.Web)
Exploit.Java.Agent.fd (Kaspersky)
Java/Agent.CU (Norman)
Mal/JavaHel-B (Sophos)

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.

Detection last updated:
Definition: 1.151.554.0
Released: May 21, 2013

Detection initially created:
Definition: 1.97.1814.0
Released: Feb 15, 2011

Summary

Exploit:Java/CVE-2010-0840 is a detection for a family of malicious Java applet trojans that exploit a vulnerability described in CVE-2010-0840. The exploit is triggered when a user visits a website, containing the malicious applet, from a computer that is running a vulnerable version of Java.

Top

Symptoms

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.

Top

Technical Information (Analysis)

Successful exploitation may lead to the downloading and execution of arbitrary files under user's security context.

The malware is contained in a .class file or multiple .class files, depending on the variant. It may download and execute malicious programs from a specified URL.

Usually the files are downloaded in the temporary folder (%TEMP%) with a random name, and executed from there.

Analysis by Andrei Florin Saygo

Top

Prevention

Take these steps to help prevent infection on your computer.

Top

Recovery

To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.

Update vulnerable applications

This threat exploits a known vulnerability in the Java Runtime Environment (JRE). To prevent your computer from being vulnerable to this malware, make sure that you install the updates available from the vendor. You can read more about this vulnerability from the following links:

Additional removal instructions

These threats may be present in your Temporary Internet Files folder. We recommend that you delete your temporary Internet files to prevent the persistent detection of this threat from within the Temporary Internet Files folder.

To delete the temporary Internet files from Internet Explorer, refer to the following articles:

Top


	Provide feedback Please note: While your feedback is very important to us, we do not respond to individual submissions through this channel. Feedback, requests, or questions submitted through this form are monitored, however responses are not generated. If you require support, please visit the Safety & Security Center.