Exploit:Java/CVE-2013-0431
Windows Defender detects and removes this threat.
This threat uses a Java vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Java.
The following versions of Java are vulnerable:
- Java Development Kit, Java Runtime Environment 7 Update 11 and earlier
To check if you're running a vulnerable version of Java:
- Go to the control panel (Select Start then Control Panel)
- Select Programs. If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
- On the General tab, click About to see which version of Java you have installed.
You might get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.
Exploit:Java/CVE-2013-2423
Windows Defender detects and removes this threat.
This threat uses a Java vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Java.
The following versions of Java are vulnerable:
- Oracle Java SE 7 update 17 and earlier.
- OpenJDK 7 update 17 and earlier.
To check if you're running a vulnerable version of Java:
- In Control Panel, double-click Programs.
- If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
- On the General tab, click About to see which version of Java you have installed.
You may get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.
Exploit:Java/CVE-2013-1488.M
Windows Defender detects and removes this threat.
This threat uses a Java vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Java.
The following versions of Java are vulnerable:
- Java Development Kit SE 7 update 17 and earlier
- OpenJDK Java Development Kit versions 7 and earlier
To check if you're running a vulnerable version of Java:
- In Control Panel, double-click Programs.
- If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
- On the General tab, click About to see which version of Java you have installed.
You might get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.
Exploit:JS/CVE-2013-2551.C
Windows Defender detects and removes this threat.
This threat uses an Internet Explorer vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Internet Explorer.
The following Internet Explorer versions are vulnerable:
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
Exploit:Java/CVE-2013-1493
Windows Defender detects and removes this threat.
This threat uses a Java vulnerability (CVE-2013-1493) to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and if you have a vulnerable version of Java.
The following versions of Java are vulnerable:
- Oracle Java JDK and JRE 7 Update 15 and earlier
- Oracle Java JDK and JRE 6 Update 41 and earlier
- Oracle Java JDK and JRE 5 Update 40 and earlier
To check if you're running a vulnerable version of Java:
- In Control Panel, double-click Programs.
- If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
- On the General tab, click About to see which version of Java you have installed.
You might get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful. This doesn't mean that you have been hacked; it means someone has tried to hack into your PC.
Exploit:Java/CVE-2013-1489.A
Windows Defender detects and removes this threat.
This threat uses a Java vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Java.
The following versions of Java are vulnerable:
- Java Runtime Environment of Oracle Java SE 7 Update 10 and Update 11
To check if you're running a vulnerable version of Java:
- In Control Panel, double-click Programs.
- If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
- On the General tab, click About to see which version of Java you have installed.
You may get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.
Exploit:Win32/CVE-2013-3660
Windows Defender detects and removes this threat.
This threat uses a Microsoft vulnerability to escalate the privilege of a running process. The vulnerability is called CVE-2013-3660 or the "Win32k.sys Elevation of Privilege Vulnerability".
You can read more and apply updates to prevent exploiting this vulnerability in Microsoft Security Bulletin MS13-053.
The threat will work if you have one of the following vulnerable versions 32-bit Windows:
- Windows 8.1
- Windows 8
- Windows 7 SP1
- Windows Vista SP2
- Windows RT 8.1
- Windows RT
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2008 SP2
- Windows Server 2008 R2 SP1
- Windows Server 2003 SP2
You may get an alert about this threat even if you're not using a vulnerable version of the application. This is because we detect when a website or file tries to use the vulnerability, even if it isn't successful.