JS/Aimesu
Windows Defender Antivirus detects and removes this threat.
This threat runs on your PC when you visit a hacked or malicious webpage and you are using a vulnerable or out-of-date version of Java, Adobe PDF Reader, or Flash Player.
It then installs other malware on your PC, including components of the "Blackhole" and "Cool" exploit kits. These exploits can download other malware onto your PC.
See our exploits page for more information about this type of threat.
Exploit:HTML/AdoStream
Exploit:SWF/CVE-2011-0611.C
Exploit:SWF/CVE-2011-0611.C is the detection for specially crafted Shockwave Flash (SWF) files that attempt to exploit a vulnerability in Adobe Flash Player that could lead to the execution of arbitrary code. The vulnerability is described in CVE-2011-0611 and Adobe Security Advisory APSA11-02.
Exploit:Java/CVE-2012-1723.BPE
Exploit:Java/CVE-2012-1723.BPE is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-1723) in the Java Runtime Environment (JRE) in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, the exploit is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
The following versions of Java are vulnerable to this exploit:
- JDK and JRE 7 Update 4 and earlier Java SE
- JDK and JRE 6 Update 32 and earlier Java SE
- JDK and JRE 5.0 Update 35 and earlier Java SE
- SDK and JRE 1.4.2_37 and earlier Java SE
Exploit:Java/CVE-2012-1723.GA
Exploit:Java/CVE-2012-1723.GA is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-1723) in the Java Runtime Environment (JRE) in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, the exploit is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
The following versions of Java are vulnerable to this exploit:
- JDK and JRE 7 Update 4 and earlier Java SE
- JDK and JRE 6 Update 32 and earlier Java SE
- JDK and JRE 5.0 Update 35 and earlier Java SE
- SDK and JRE 1.4.2_37 and earlier Java SE
Exploit:Win32/Pdfjsc.ADY
Exploit:Win32/Pdfjsc.ADY is a malicious PDF file that exploits a vulnerability in Adobe Acrobat and Adobe Reader.
The vulnerability, described in CVE-2010-0188, allows this malware to download and run arbitrary files, including malware from the following families:
- Trojan:Win32/Simda
- Win32/Zegost (for example, Backdoor:Win32/Zegost.F)
- Win32/Carberp
- Win32/Fareit
- Trojan:Win32/Lockscreen
- Trojan:Win32/Ransom
- Trojan:Win32/Reveton
- Win32/Winwebsec
- Win32/Zbot
The following versions of Adobe Acrobat and Adobe Reader are vulnerable to this exploit:
- Adobe Acrobat and Adobe Reader earlier than 8.2.1
- Adobe Acrobat and Adobe Reader earlier than 9.3.1
Install updates to prevent infection
This malware exploits known vulnerabilities.
You should always install the latest updates available from Adobe to prevent reinfection from this threat, and possible infection from other threats.
Download updates for Adobe products from the following link:
Exploit:Java/CVE-2012-4681.AET
Exploit:Java/CVE-2012-4681.AET is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.AET is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, and JRE 6 Update 34 and earlier, are vulnerable to this exploit.
Exploit:Java/CVE-2012-1723.ZVC
Exploit:Java/CVE-2012-1723.ZVC is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-1723) in the Java Runtime Environment (JRE) in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, the exploit is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
The following versions of Java are vulnerable to this exploit:
- JDK and JRE 7 Update 4 and earlier Java SE
- JDK and JRE 6 Update 32 and earlier Java SE
- JDK and JRE 5.0 Update 35 and earlier Java SE
- SDK and JRE 1.4.2_37 and earlier Java SE
Exploit:Java/CVE-2012-1723.BVP
Exploit:Java/CVE-2012-1723.BVP is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-1723) in the Java Runtime Environment (JRE) in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, the exploit is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
The following versions of Java are vulnerable to this exploit:
- JDK and JRE 7 Update 4 and earlier Java SE
- JDK and JRE 6 Update 32 and earlier Java SE
- JDK and JRE 5.0 Update 35 and earlier Java SE
- SDK and JRE 1.4.2_37 and earlier Java SE
Exploit:Win32/Pdfjsc.AEW
Exploit:Win32/Pdfjsc.AEW is a malicious PDF file that exploits a vulnerability in Adobe Acrobat and Adobe Reader.
The vulnerability, described in CVE-2010-0188, allows this malware to download and run arbitrary files.
The following versions of Adobe Acrobat and Adobe Reader are vulnerable to this exploit:
- Adobe Acrobat and Adobe Reader earlier than 8.2.1
- Adobe Acrobat and Adobe Reader earlier than 9.3.1
Install updates to prevent infection
This malware exploits known vulnerabilities.
You should always install the latest updates available from the software vendor to prevent reinfection from this threat, and possible infection from other threats.
Download updates for Adobe products from the following link:
Exploit:Java/CVE-2012-4681.SS
Exploit:Java/CVE-2012-4681.SS is a malicious Java applet that attempts to exploit a vulnerability (CVE-2012-4681) in the Java Runtime Environment (JRE), in order to download and install files of an attacker’s choice onto your computer.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2012-4681.SS is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.
Oracle Java JDK and JRE 7 Update 5 and earlier, and JRE 6 Update 34 and earlier, are vulnerable to this exploit.