Published Dec 12, 2011 | Updated Sep 15, 2017


Severe |Detected with Windows Defender Antivirus

Aliases: Trojan.Downloader.JS.DarDuk.A (BitDefender) Exploit.Hcp.6 (Dr.Web) JS/Kryptik.ES (ESET) Exploit.JS.CVE-2010-1885 (Ikarus) (Kaspersky) Mal/ExpJS-N (Sophos) Trojan.Malscript!html (Symantec)


Exploit:JS/Blacole.AT is a variant of JS/BlacoleJavaScript malware that consists of several exploits and is created by the "Blackhole" exploit kit. Exploit:JS/Blacole.AT is installed to compromised websites by an attacker. It attempts to exploit the following CVE vulnerabilities:

To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

For more information on antivirus software, see

Update vulnerable applications

This threat exploits known vulnerabilities in Adobe Reader, Adobe Acrobat and Java. After removing this threat, make sure that you install the updates available from the vendor. You can read more about this vulnerability in Java, as well as where to download the software update from the following links:

It may be necessary to remove older versions of Java that are still present. Keeping old and unsupported versions of Java on your system presents a serious security risk. To read more about why you should remove older versions of Java, see the following information.

Follow us