We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Exploit:JS/Mult.BF
Detected by Microsoft Defender Antivirus
Aliases: Exploit-XMLhttp.d (McAfee)
Summary
Exploit:JS/Mult.BF is a detection for malicious shellcode that attempts to exploit certain vulnerabilities in order to download and run arbitrary files. The shellcode is obfuscated.
Some files detected as Exploit:JS/Mult.BF may arrive in the system when a user browses certain sites using a vulnerable version of Internet Explorer. When a webpage that includes Exploit:JS/Mult.BF is loaded, the shellcode is executed in the system.
In the wild, this exploit may download a trojan detected as TrojanDropper:Win32/Letrofen.A in systems that do not have the Microsoft Security Bulletin MS09-002 update installed.
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, see http://www.microsoft.com/protect/computer/viruses/vista.mspx.
Follow us
