Aliases: No associated aliases
Windows Defender detects and removes this threat.
This threat uses an Adobe vulnerability to download and run files on your PC, including malware.
This threat is associated with an exploit kit called SweetOrange. It can exploit vulnerabilities in Adobe Flash, specifically the vulnerability discussed in CVE-2015-0311.
It runs when you visit a malicious or hacked website and you have a vulnerable version of Adobe Flash Player.
The following versions of Adobe Flash Player are vulnerable:
- Adobe Flash Player 188.8.131.527 and earlier versions for Windows and Macintosh
- Adobe Flash Player 184.108.40.206, 14.x, and 15.x versions for Windows and Macintosh
- Adobe Flash Player 220.127.116.118 and earlier versions for Linux
If you visit a webpage containing this threat and your PC has a vulnerable version of Flash installed, this threat can download and run other malware.
Use the following free Microsoft software to detect and remove this threat:
You should also run a full scan. A full scan might find hidden malware.
Update Adobe products
Make sure you install all available Adobe updates. You can read more about this vulnerability and download software updates from these links:
It's also important to keep your other software up to date:
Get more help
If you’re using Windows XP, see our Windows XP end of support page.