TrojanDownloader:Java/OpenConnection.GC
Detected by Microsoft Defender Antivirus
Aliases: Exploit.Java.Agent.bz (Kaspersky); Trojan horse Exploit_c.GOP (AVG); Java/TrojanDownloader.OpenStream.NAN (ESET); Troj/Java-M (Sophos)
Summary
TrojanDownloader:Java/OpenConnection.GC is a detection for a Java applet that attempts to download and execute arbitrary files from a remote host. It often works in conjunction with Exploit:Java/CVE-2010-0094, which attempts to exploit a vulnerability in the Java Runtime Environment (JRE). This vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its sandbox environment.
Malware can exploit the vulnerability to gain access to a user's computer and then download and install malicious programs. The installation may occur when a malicious Java applet is executed by a vulnerable JRE, for example when a user visits a malicious webpage that hosts such an applet. Note that legitimate websites can also be compromised, or can unknowingly serve a malicious applet through advertising frames that redirect to or host it.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date security solution. The following Microsoft products will detect and remove this threat:
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
Update vulnerable applications
This threat is associated with an exploit of a known vulnerability in the Java Runtime Environment (JRE). After removing this threat, make sure that you install the updates available from the vendor. You can read more about this vulnerability from the following links: