Exploit:Java/CVE-2010-0840.EW is a detection for certain malicious Java applets that exploit a vulnerability of privilege escalation, described in CVE-2010-0840. The vulnerability is present in Java Runtime Environment (JRE) versions 5 and 6. Successful exploitation could lead to the download and execution of other malware.

TrojanDownloader:SWF/Meccapop.A is the detection for a Shockwave Flash (SWF) file that attempts to exploit a software vulnerability in Adobe Acrobat and Adobe Reader that can cause unexpected behavior in the application, and potentially allow an attacker to gain access to the vulnerable computer.

Exploit:Java/CVE-2010-0840.LE is a variant of Exploit:Java/CVE-2010-0840 - a detection for malicious Java applets that exploit the vulnerability described in CVE-2010-0840. Successful exploitation may lead to remote code execution.

Exploit:JS/Mult.DX is the generic detection for malicious JavaScript code that is found in certain compromised websites. It executes when the user visits the website.

Exploit:JS/Mult.DY is the detection for infected webpages containing an IFrame that redirects users to a malicious website. The compromised webpages are usually found in websites running a vulnerable version of the osCommerce v2.2 software.

Exploit:SWF/Blacole.J is a malicious Adobe Shockwave Flash (.SWF) file, distributed as part of the "Blackhole" exploit kit, that exploits a vulnerability described in CVE-2011-2110. Successful exploitation by the malware could result in downloading and executing arbitrary files.

Exploit:Win32/Pdfjsc.YF is a specially-crafted Portable Document File (PDF), which exploits a vulnerability in Adobe Acrobat and Adobe Reader discussed in the following articles:

• CVE-2010-0188
• APSB10-07

It connects to certain servers to download and execute other files.

Windows Defender detects and removes this threat.

This threat uses a software vulnerability to download and run other files on your PC, including malware.

It runs when you visit a hacked website and you have a vulnerable version of Java. Legitimate websites can also be hacked to unwillingly host this threat.

Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier are all vulnerable to this threat.

To check if you're running a vulnerable version of Java:

1. Go to the control panel (Select Start then Control Panel)
2. Select Programs. If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
3. On the General tab, click About to see which version of Java you have installed.

You may get a detection for this threat when you visit a website that has the malicious code, even if you're not using a vulnerable version of Java. This doesn't mean that you have been compromised, it means an try to compromise your PC has been made.

The vulnerability that this threat exploits is described in CVE-2011-3544.

Exploit:Java/CVE-2011-3544 is a family of malicious Java applets that attempt to exploit a vulnerability in the Java Runtime Environment (JRE) in order to download and install files of an attacker's choice onto your computer.

If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2011-3544 is loaded. It then attempts to download and execute files from a remote host/URL; the files that are downloaded and executed could include additional malware.

Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier are all vulnerable to this exploit.

Exploit:Java/CVE-2010-0840.NU is a malicious Java applet that exploits a vulnerability of privilege escalation in JRE (Java Runtime Environment) versions 5 and 6 as described in CVE-2010-0840. The Java exploit is a component of the "Blackhole" exploit pack and is hosted on compromised web sites. The successful exploitation of a vulnerable host may lead to the downloading and execution of arbitrary files.

Exploit:Java/CVE-2011-3544.N is a malicious Java applet stored within a Java Archive (.JAR) file. It attempts to exploit a vulnerability in the Java Runtime Environment (JRE) component in Oracle JAVA SE JDK and JRE 7, 6 Update 27 and earlier. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to run arbitrary Java code outside of the "sandbox" environment.

TrojanDownloader:Java/Rexec.H is a Java-based trojan that is generated by the "Blackhole" exploit kit, and may download and execute other malware.