Exploit:JS/Axpergle.J
Microsoft security software detects and removes this threat.
It uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Trojan:Win32/Reveton.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
To learn more about how this threat is being used by cybercriminals,
Exploit:HTML/Axpergle.M
Windows Defender detects and removes this threat.
This threat uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Ransom:Win32/Reveton.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
To learn more about how this threat is being used by cybercriminals,
Find out ways that malware can get on your PC.
Exploit:JS/Axpergle.E
Microsoft security software detects and removes this threat.
It uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Trojan:Win32/Reveton.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
To learn more about how this threat is being used by cybercriminals,
Exploit:JS/CVE-2013-2551
Windows Defender detects and removes this threat.
This threat uses an Internet Explorer vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Internet Explorer.
The following Internet Explorer versions are vulnerable:
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
Exploit:SWF/CVE-2015-0311
Windows Defender detects and removes this threat.
This threat uses an Adobe vulnerability to download and run files on your PC, including malware.
It runs when you visit a malicious or hacked website and you have a vulnerable version of Adobe Flash Player.
The following versions of Adobe Flash Player are vulnerable:
- Adobe Flash Player 16.0.0.287 and earlier versions for Windows and Macintosh
- Adobe Flash Player 13.0.0.262 and earlier 13.x versions
- Adobe Flash Player 11.2.202.438 and earlier versions for Linux
If you visit a webpage containing this threat and your PC has a vulnerable version of Flash installed, this threat can download and run other malware.
Exploit:JS/CVE-2013-2551.C
Windows Defender detects and removes this threat.
This threat uses an Internet Explorer vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Internet Explorer.
The following Internet Explorer versions are vulnerable:
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
Exploit:JS/Axpergle
Windows Defender detects and removes this threat.
It uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Ransom:Win32/Reveton and variants of Win32/Bedep.
The exploit is also called Angler.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
To learn more about how this threat is being used by cybercriminals,
Exploit:JS/Axpergle.CG
Microsoft security software detects and removes this threat.
This threat uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Ransom:Win32/Reveton and variants of Win32/Bedep.
The exploit is also called Angler.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
See the Exploit:JS/Axpergle family description for more information.
To learn more about how this threat is being used by cybercriminals,
Exploit:JS/Axpergle.BM
Windows Defender detects and removes this threat.
This threat uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC. We have seen it try to install Ransom:Win32/Reveton and variants of Win32/Bedep.
The exploit is also called Angler.
You might get this threat if you visit a malicious or hacked website, or by clicking a malicious link in an email.
See the Exploit:JS/Axpergle family description for more information.
To learn more about how this threat is being used by cybercriminals,
Ransom:HTML/Genasom.A
Microsoft Defender Antivirus detects and removes this threat.
This threat is an HTML coponent used by Ransom:Win32/Reveton.A. It stops you from loading Windows and displays a full-screen message, commonly called a "lock screen". If this threat asks you to pay a fee or fine, do not pay it. The message is a fraud.
It tries to scare you into paying a fine to unlock your PC.
You can read more on our ransomware page.
The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.
Read our latest report: A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017.
Blacole
Windows Defender detects and removes this family of threats.
You should also update your software to be fully protected.
The Blacole exploit pack tries to infect your PC with other malware, such as trojans and viruses. It also known as "Blackhole".
See our page about exploits and learn how to update common software.
When you visit a malicious or compromised website, Blacole scans your PC for vulnerabilities or weaknesses in your software.
You might visit the website from a link or attachment in an email, or from a previously safe website that has been hacked.
The threat uses those vulnerabilities it has found on your PC to download malware onto your PC:
Typically, the Blacole exploit kit attempts to exploit vulnerabilities in applications such as Oracle Java, Sun Java, Adobe Acrobat and Adobe Reader.
Exploit:SWF/Axpergle
Windows Defender detects this threat.
This threat is a detection for specially-crafted Shockwave Flash (.SWF) files that attempt to exploit software vulnerabilities in Adobe Flash Player known as part of the Angler exploit kit. We have seen this threat exploit the CVE-2014-8439, CVE-2015-0310, CVE-2015-0311, CVE-2015-0313 vulnerabilities.
It uses an Adobe Flash Player vulnerability to download and run files on your PC, including malware.
The exploit is also called Angler.
The following versions of Adobe Flash Player are vulnerable:
- Adobe Flash Player 16.0.0.296 and earlier versions
- Adobe Flash Player 13.0.0.264 and earlier 13.x versions
- Adobe Flash Player 11.2.202.440 and earlier 11.x versions
You might get an alert about this threat even if you're not using a vulnerable version of Adobe Flash Player. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.
To learn more about how this threat is being used by cybercriminals,
Exploit:Java/CVE-2013-1489.A
Windows Defender detects and removes this threat.
This threat uses a Java vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Java.
The following versions of Java are vulnerable:
- Java Runtime Environment of Oracle Java SE 7 Update 10 and Update 11
To check if you're running a vulnerable version of Java:
- In Control Panel, double-click Programs.
- If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
- On the General tab, click About to see which version of Java you have installed.
You may get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.
Exploit:Java/CVE-2013-2463.A
Windows Defender detects and removes this threat.
This threat uses a Java vulnerability to download and run files on your PC, including other malware.
It runs when you visit a hacked or malicious website and you have a vulnerable version of Java.
The following versions of Java are vulnerable:
- Java SE Development Kit 7 Update 21 and earlier
- Java SE Development Kit 6 Update 45 and earlier
- Java SE Development Kit 5.0 Update 45 and earlier
- OpenJDK 7
To check if you're running a vulnerable version of Java:
- In Control Panel, double-click Programs.
- If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
- On the General tab, click About to see which version of Java you have installed.
You may get an alert about this threat even if you're not using a vulnerable version of Java. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.
Virus:Win32/Expiro.DG
Trojan:Win32/Tobfy.I a ransomware trojan that targets users from certain countries. It locks your computer and displays a localized webpage that covers your desktop. It demands the payment of a fine for the supposed possession of illicit material.