Windows Defender detects and removes this family of threats.

You should also update your software to be fully protected.

The Blacole exploit pack tries to infect your PC with other malware, such as trojans and viruses. It also known as "Blackhole".

See our page about exploits and learn how to update common software.

When you visit a malicious or compromised website, Blacole scans your PC for vulnerabilities or weaknesses in your software.

You might visit the website from a link or attachment in an email, or from a previously safe website that has been hacked.

The threat uses those vulnerabilities it has found on your PC to download malware onto your PC:

Typically, the Blacole exploit kit attempts to exploit vulnerabilities in applications such as Oracle Java, Sun Java, Adobe Acrobat and Adobe Reader.

Windows Defender detects and removes this threat.

This threat uses a JavaScript vulnerability to check your PC for security software. It then looks for certain information about your computer that might be used in a future attack. It uses the vulnerability described in CVE-2013-7331 to exploit your PC.

It runs when you visit a hacked or malicious website and you have a vulnerable version of Internet Explorer.

You might get an alert about this threat even if you're not using vulnerable software. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.

Windows Defender detects this threat.

It is an Adobe Shockwave Flash (.SWF) file that may be used by attackers to decrypt and execute encrypted JavaScript files. You might get it from certain malicious websites.

 

Exploit:Win32/Pdfjsc.gen!A is a generic detection of malformed PDF files that target various Adobe Acrobat and Reader vulnerabilities. Once the malformed PDF files are opened by vulnerable versions of Adobe Acrobat and Reader, the embedded JavaScript loads the exploit. The exploit may successfully execute arbitrary code of the attacker's choice, however, it is often used to download and execute additional malware on the affected computer.

Windows Defender detects and removes this threat.

Find out ways that malware can get on your PC.  

Windows Defender detects and removes this threat.

It is a hidden part of a webpage or email that directs your browser to a website that contains malicious content. This content could download malware onto your PC.

Find out ways that malware can get on your PC.

Exploit:SWF/Heapspray.gen!A is the generic detection for exploits affecting the Adobe Flash Player virtual machine, which use heap-spraying techniques in order to execute exploit code.

This detection may occur when you browse a webpage containing the malicious code.

Exploit:Win32/Senglot.J is a generic detection that detects malicious code, often hosted in HTML files, that attempts to download and execute arbitrary files.

Exploit:Java/ByteVerify.G is a detection of malicious code that attempts to exploit a vulnerability in the Microsoft Virtual Machine (VM). The VM enables Java programs to run on Windows platforms. The Microsoft Java VM is included in most versions of Windows and Internet Explorer.

Exploit:JS/Usea.A is a detection for a Javascript that detects the UUSee UUUpgrade ActiveX Control 'Update' Method arbitrary file download vulnerability. UUSee is an application designed to allow users to view content such as videos over the Internet.

Exploit:Win32/Pdfjsc.BK is a detection for specially-crafted PDF files that targets software vulnerabilities in Adobe Acrobat and Adobe Reader.

Exploit:JS/Twooken.A is the detection for a script that exploits a cross-site scripting vulnerability in the website of the Twitter service "twitter.com".

Exploit:JS/Mult.DA is a detection for obfuscated scripts using a specific JavaScript packer. Scripts detected as Exploit:JS/Mult.DA attempt to exploit the HTML Object Memory Corruption Vulnerability in Internet Explorer. This vulnerability is discussed in, and mitigated using, the Microsoft Security Bulletin MS10-002.

Exploit:Java/Midesq.A is the detection for Java malware that exploits a vulnerability in the Java Runtime Environment (JRE) discussed in CVE-2010-0842. Successful exploitation of the vulnerability could lead to the execution of arbitrary code.

Exploit:Win32/CVE-2010-3620 is a detection for malformed PDF files that attempt to exploit a vulnerability in certain Adobe Acrobat and Adobe Reader versions. The vulnerability allows an attacker to execute arbitrary code via a specially-crafted image.

Exploit:Win32/Pdfheap.A is the detection for a malicious Portable Document Format (PDF) file that attempts to exploit the vulnerability described in CVE-2009-1862.