We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Aliases: Blackhole Exploit Pack (other) BlacoleRef (other) Blackhole (other)
Windows Defender detects and removes this family of threats.
You should also update your software to be fully protected.
When you visit a malicious or compromised website, Blacole scans your PC for vulnerabilities or weaknesses in your software.
You might visit the website from a link or attachment in an email, or from a previously safe website that has been hacked.
The threat uses those vulnerabilities it has found on your PC to download malware onto your PC:
Typically, the Blacole exploit kit attempts to exploit vulnerabilities in applications such as Oracle Java, Sun Java, Adobe Acrobat and Adobe Reader.
The following free Microsoft software detects and removes this threat:
Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.
You can also visit the Microsoft virus and malware community for more help.
Make sure you install all available Java updates. This threat exploits multiple Java vulnerabilities, so installing the latest version of Java helps protect your PC from this threat.
You should remove older versions of Java, as keeping old and unsupported versions of Java on your PC is a serious security risk:
If you continue to get alerted about this threat, deleting your temporary Java files can help:
It's also important to keep your other software up to date:
Update Adobe products
Make sure you install all available Adobe updates. This threat exploits multiple Adobe vulnerabilities, so installing the latest version of Adobe Acrobat, Reader, or Flash helps protect your PC from this threat.