Blacole
Windows Defender detects and removes this family of threats.
You should also update your software to be fully protected.
The Blacole exploit pack tries to infect your PC with other malware, such as trojans and viruses. It also known as "Blackhole".
See our page about exploits and learn how to update common software.
When you visit a malicious or compromised website, Blacole scans your PC for vulnerabilities or weaknesses in your software.
You might visit the website from a link or attachment in an email, or from a previously safe website that has been hacked.
The threat uses those vulnerabilities it has found on your PC to download malware onto your PC:
Typically, the Blacole exploit kit attempts to exploit vulnerabilities in applications such as Oracle Java, Sun Java, Adobe Acrobat and Adobe Reader.
Exploit:JS/Sevdaq
Windows Defender detects and removes this threat.
This threat uses a JavaScript vulnerability to check your PC for security software. It then looks for certain information about your computer that might be used in a future attack. It uses the vulnerability described in CVE-2013-7331 to exploit your PC.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Internet Explorer.
You might get an alert about this threat even if you're not using vulnerable software. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.
Exploit:SWF/CVE-2015-0311
Windows Defender detects and removes this threat.
This threat uses an Adobe vulnerability to download and run files on your PC, including malware.
It runs when you visit a malicious or hacked website and you have a vulnerable version of Adobe Flash Player.
The following versions of Adobe Flash Player are vulnerable:
- Adobe Flash Player 16.0.0.287 and earlier versions for Windows and Macintosh
- Adobe Flash Player 13.0.0.262 and earlier 13.x versions
- Adobe Flash Player 11.2.202.438 and earlier versions for Linux
If you visit a webpage containing this threat and your PC has a vulnerable version of Flash installed, this threat can download and run other malware.
Exploit:JS/Cooexp.A
Exploit:JS/Cooexp.A is script contained within an exploit pack known as the "Cool Exploit Kit". It can install arbitrary malware on your computer.
Exploit:SWF/Heapspray.gen!A
Exploit:SWF/Heapspray.gen!A is the generic detection for exploits affecting the Adobe Flash Player virtual machine, which use heap-spraying techniques in order to execute exploit code.
This detection may occur when you browse a webpage containing the malicious code.
Exploit:Java/CVE-2010-0840.OG
Exploit:Java/CVE-2009-3869.R
Exploit:Java/CVE-2009-3869.R is the detection for malicious Java applets that exploits a stack overflow vulnerability in the Java Runtime Environment (JRE) versions 5 and 6 and described in CVE-2009-3869.
Exploit:JS/Mult.DY
Exploit:JS/Mult.DY is the detection for infected webpages containing an IFrame that redirects users to a malicious website. The compromised webpages are usually found in websites running a vulnerable version of the osCommerce v2.2 software.
Exploit:Win32/Pdfjsc.RM
Exploit:Win32/Pdfjsc.RM is a detection for a PDF file that contains an obfuscated malicious JavaScript that attempts to contact remote hosts in order to download arbitrary files.
Exploit:Win32/Senglot.J
Exploit:Java/ByteVerify.G
Exploit:JS/USea.A
Exploit:Win32/Pdfjsc.BK
Exploit:Win32/Pdfjsc.EM
Exploit:JS/Twooken.A
Exploit:JS/Mult.DA
Exploit:Win32/Pdfheap.A
Exploit:SWF/CVE-2011-2107.A
Exploit:SWF/CVE-2011-2107.A is the detection for specially-crafted Shockwave Flash (.SWF) files that attempt to exploit software vulnerabilities in Adobe Flash Player and Adobe Reader and Acrobat X. The vulnerability is discussed in the following articles: