Exploit:Win32/Pdfjsc.YP is a specially-crafted Portable Document Format (PDF) file that exploits a vulnerability in Adobe Acrobat and Adobe Reader described in the following articles:

• CVE-2010-0188
• APSB10-07

Exploit:JS/Pdfjsc.AC is a detection for specially-crafted PDF files that attempt to exploit software vulnerabilities in Adobe Acrobat and Adobe Reader. Once the malformed PDF files are opened by vulnerable versions of Adobe Acrobat and Reader, the embedded JavaScript is executed and loads the exploit.

Exploit:JS/Pdfjsc.Z is an obfuscated JavaScript often distributed through compromised websites. It is designed to exploit several vulnerabilities in the web browser.

Exploit:Win32/Pdfjsc.ADE is a specially crafted PDF file that exploits exploits a vulnerability in Adobe Acrobat and Adobe Reader.

The vulnerabilities, discussed in CVE-2010-0188, allow this malware to download and run arbitrary files.

The following versions of Adobe Acrobat and Adobe Reader are vulnerable to this exploit:

• Adobe Acrobat and Adobe Reader earlier than 8.2.1
• Adobe Acrobat and Adobe Reader earlier than 9.3.1

Exploit:Win32/Pdfjsc.ADM is a malicious PDF file that exploits a vulnerability in Adobe Acrobat and Adobe Reader.

The vulnerabilities, discussed in CVE-2010-0188, allow this malware to download and run arbitrary files.

Exploit:Win32/Pdfjsc.ADY is a malicious PDF file that exploits a vulnerability in Adobe Acrobat and Adobe Reader.

The vulnerabilities, discussed in CVE-2010-0188, allow this malware to download and run arbitrary files, including malware from the following families:

• Trojan:Win32/Simda
• Win32/Zegost (for example, Backdoor:Win32/Zegost.F)
• Win32/Carberp
• Win32/Fareit
• Trojan:Win32/Lockscreen
• Trojan:Win32/Ransom
• Trojan:Win32/Reveton
• Win32/Winwebsec
• Win32/Zbot

The following versions of Adobe Acrobat and Adobe Reader are vulnerable to this exploit:

• Adobe Acrobat and Adobe Reader earlier than 8.2.1
• Adobe Acrobat and Adobe Reader earlier than 9.3.1

Install updates to prevent infection

This malware exploits known vulnerabilities.

You should always install the latest updates available from Adobe to prevent reinfection from this threat, and possible infection from other threats.

Download updates for Adobe products from the following link:

• Updating Software

Exploit:Win32/Pdfjsc.AEA is a malicious PDF file that exploits a vulnerability in Adobe Acrobat and Adobe Reader.

The vulnerabilities, discussed in CVE-2010-0188, allow this malware to download and run arbitrary files.

The following versions of Adobe Acrobat and Adobe Reader are vulnerable to this exploit:

• Adobe Acrobat and Adobe Reader earlier than 8.2.1
• Adobe Acrobat and Adobe Reader earlier than 9.3.1

Install updates to prevent infection

This malware exploits known vulnerabilities.

You should always install the latest updates available from the software vendor to prevent reinfection from this threat, and possible infection from other threats.

Download updates for Adobe products from the following link:

• Updating Software

Exploit:Win32/Pdfjsc.AEW is a malicious PDF file that exploits a vulnerability in Adobe Acrobat and Adobe Reader.

The vulnerabilities, discussed in CVE-2010-0188, allow this malware to download and run arbitrary files.

The following versions of Adobe Acrobat and Adobe Reader are vulnerable to this exploit:

• Adobe Acrobat and Adobe Reader earlier than 8.2.1
• Adobe Acrobat and Adobe Reader earlier than 9.3.1

Install updates to prevent infection

This malware exploits known vulnerabilities.

You should always install the latest updates available from the software vendor to prevent reinfection from this threat, and possible infection from other threats.

Download updates for Adobe products from the following link:

• Updating Software

Exploit:Win32/Pdfjsc.AFE is a malicious PDF file that exploits a vulnerability in Adobe Acrobat and Adobe Reader.

The vulnerabilities, discussed in CVE-2010-0188, allow this malware to download and run arbitrary files.

The following versions of Adobe Acrobat and Adobe Reader are vulnerable to this exploit:

• Adobe Acrobat and Adobe Reader earlier than 8.2.1
• Adobe Acrobat and Adobe Reader earlier than 9.3.1

Install updates to prevent infection

This malware exploits known vulnerabilities.

You should always install the latest updates available from the software vendor to prevent reinfection from this threat, and possible infection from other threats.

Download updates for Adobe products from the following link:

• Updating Software

Exploit:Win32/Pdfjsc.AFU is a malicious PDF file that exploits a vulnerability in Adobe Acrobat and Adobe Reader.

The vulnerabilities, discussed in CVE-2010-0188, allow this malware to download and run arbitrary files.

The following versions of Adobe Acrobat and Adobe Reader are vulnerable to this exploit:

• Adobe Acrobat and Adobe Reader earlier than 8.2.1
• Adobe Acrobat and Adobe Reader earlier than 9.3.1

Install updates to prevent infection

This malware exploits known vulnerabilities.

You should always install the latest updates available from the software vendor to prevent reinfection from this threat, and possible infection from other threats.

Download updates for Adobe products from the following link:

• Updating Software

Exploit:Win32/Pdfjsc.AGD is a malicious PDF file that exploits a vulnerability in Adobe Acrobat and Adobe Reader. 

The vulnerabilities, discussed in CVE-2010-0188, allow this malware to download and run arbitrary files.

The following versions of Adobe Acrobat and Adobe Reader are vulnerable to this exploit:

• Adobe Acrobat and Adobe Reader earlier than 8.2.1
• Adobe Acrobat and Adobe Reader earlier than 9.3.1

Install updates to prevent infection

This malware exploits known vulnerabilities.

You should always install the latest updates available from the software vendor to prevent reinfection from this threat, and possible infection from other threats.

Download updates for Adobe products from the following link:

• Updating Software

Windows Defender detects and removes this threat.

This threat uses an Adobe vulnerability to download and run files, including malware, on your PC.

It runs when you open an infected PDF file and you have a vulnerable version of Adobe Acrobat and Adobe Reader. You might receive this PDF file as an email attachment.

The following versions of Adobe Acrobat and Adobe Reader are vulnerable:

• Adobe Acrobat and Adobe Reader version 8.2.2 and earlier
• Adobe Acrobat and Adobe Reader version 9.3.4 and earlier

Find out ways that malware can get on your PC.

Backdoor:Win32/IRCbot.BH is a generic detection for a backdoor trojan that connects to an IRC server to receive commands from an attacker. This trojan contains code that exploits vulnerable Windows computers that have not applied Security Bulletin MS08-067.

Exploit:Java/CVE-2008-5353.H is a detection for malicious code that attempts to exploit a vulnerability in the Java Runtime Environment (JRE). The vulnerability, with CVE number CVE-2008-5353, may lead to the download and execution of arbitrary files in an affected computer.

Exploit:Win32/Pdfjsc.AGR is a malicious PDF file that exploits a vulnerability in Adobe Acrobat and Adobe Reader. 

The vulnerabilities, discussed in CVE-2010-0188, allow this malware to download and run arbitrary files.

The following versions of Adobe Acrobat and Adobe Reader are vulnerable to this exploit:

• Adobe Acrobat and Adobe Reader earlier than 8.2.1
• Adobe Acrobat and Adobe Reader earlier than 9.3.1

Install updates to prevent infection

This malware exploits known vulnerabilities.

You should always install the latest updates available from the software vendor to prevent reinfection from this threat, and possible infection from other threats.

Download updates for Adobe products from the following link:

• Updating Software

Virus:HTML/Virut.BM is a detection for HTML script appended to Web pages by Virus:Win32/Virut.BM. The appended script contains an IFrame and redirection URL that attempts to download other malware.

Exploit:JS/CVE-2008-0015 is the detection for code that attempts to exploit a vulnerability in the Microsoft Video ActiveX Control. This vulnerability is discussed in detail in Microsoft Security Advisory (972890). When a user visits a Web page containing an exploit detected as Exploit:JS/CVE-2008-0015, it may connect to a remote server and download other malware. Currently, we are aware of cases where exploits download and execute Worm:Win32/Dogkild.A on the system.

Exploit:JS/ShellCode.J is a generic detection for JavaScript objects that construct shellcode. These scripts may be embedded within other document files such as specially-crafted .PDF files, for example.

 

This detection also includes malicious JavaScript that attempts to exploit an uninitialized memory corruption vulnerability (CVE-2010-0806) that allows the execution of arbitrary code. Microsoft released Microsoft Security Bulletin MS10-018 to mitigate this vulnerability.

Exploit:JS/CVE-2011-1345 is a detection for an exploit which is based on the vulnerability described in CVE-2011-1345 and resolved with the release of Microsoft Security Bulletin MS11-018. The vulnerability affects Internet Explorer (IE) browsers versions 6,7 and 8. Internet Explorer 9 is not affected. Successful exploitation of the vulnerability can lead to execution of arbitrary code on an affected computer within the current user's security context.

Exploit:JS/SetSlice.B is a detection for malicious JavaScript that exploits a ulnerability in Oracle Java to run arbitrary code on your computer. The vulnerability is discussed in CVE-2010-0842 and fixed by applying the latest security updates from Oracle.