Warning message... Link to action
Read about our in-depth analysis of a new high-volume campaign that marked the resurgence of notorious malware-as-a-service Hawkeye Keylogger. Read the blog post
Aliases: EXP/CVE-2010-0094.F.67 (Avira) Exploit.CVE2010-0840.2 (Dr.Web) Exploit.Java.Agent.fd (Kaspersky) Java/Agent.CU (Norman) Mal/JavaHel-B (Sophos)
Windows Defender detects and removes this threat.
This threat uses a vulnerability in your software to download other malware.
It runs when you visit a hacked website and you have a vulnerable version of Java installed on your PC. A number of legitimate websites could be hacked or unwillingly host this threat.
The following versions of Java are vulnerable:
- Oracle Java SE and Java for Business 6 Update 18 and earlier
To check if you're running a vulnerable version of Java:
- Go to the control panel (Select Start then Control Panel)
- Select Programs. If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
- On the General tab, click About to see which version of Java you have installed.
You might get a detection for this threat if you visit a website that has the malicious code, even if you're not using a vulnerable version of Java. This doesn't mean that you have been hacked; it means someone has tried to hack into your PC.
The vulnerability that this threat exploits is described in CVE-2010-0840.