Published Mar 23, 2014 | Updated Sep 15, 2017


Severe |Detected with Windows Defender Antivirus

Aliases: No associated aliases


Windows Defender detects and removes this threat.

This threat uses an Adobe vulnerability to download and run files on your PC, including malware.

This threat is associated with an exploit kit called SweetOrange. It can exploit vulnerabilities in Adobe Flash, specifically the vulnerability discussed in CVE-2015-0311.

It runs when you visit a malicious or hacked website and you have a vulnerable version of Adobe Flash Player.

The following versions of Adobe Flash Player are vulnerable:

  • Adobe Flash Player and earlier versions for Windows and Macintosh
  • Adobe Flash Player, 14.x, and 15.x versions for Windows and Macintosh
  • Adobe Flash Player and earlier versions for Linux

If you visit a webpage containing this threat and your PC has a vulnerable version of Flash installed, this threat can download and run other malware.

Find out ways that malware can get on your PC.

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find hidden malware.

Update Adobe products

Make sure you install all available Adobe updates. You can read more about this vulnerability and download software updates from these links:

It's also important to keep your other software up to date:

Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Follow us