Exploit:JS/Blacole.BV is the detection for malicious JavaScript that loads a series of other exploits that are distributed as components of the "Blackhole kit". If the computer runs a vulnerable version of certain software and exploitation is successful, various malware may be downloaded.

Exploit:Win32/CVE-2011-0094.A is the detection for an JavaScript, which attempts to exploit a vulnerability in Internet Explorer.

Exploit:SWF/ShellCode.C is the detection for a Shockwave Flash (SWF) file that attempts to exploit a software vulnerability in Adobe Acrobat and Adobe Reader that can cause unexpected behavior in the application, and potentially allow an attacker to gain access to the vulnerable computer. The vulnerability is described in the following pages:

• CVE-2011-2100
• Adobe Security Advisory APSB11-16

TrojanDownloader:SWF/Meccapop.A is the detection for a Shockwave Flash (SWF) file that attempts to exploit a software vulnerability in Adobe Acrobat and Adobe Reader that can cause unexpected behavior in the application, and potentially allow an attacker to gain access to the vulnerable computer.

Exploit:SWF/Blacole.E is the detection for malicious code within specially crafted Adobe Shockwave Flash (.SWF) files. The malicious files are commonly distributed via an exploit kit, known as "Blackhole", within compromised webpages. The malware is capable of redirecting a web browser to another specified website and downloading and executing arbitrary files.

Exploit:SWF/CVE-2011-2140.A is the detection for specially crafted Adobe Shockwave Flash (SWF) files that exploit the vulnerability described in the following articles:

• CVE-2011-2140
• APSB11-21

It attempts to play a movie file. As of this writing, the movie file is unavailable.

Exploit:SWF/Blacole.J is a malicious Adobe Shockwave Flash (.SWF) file, distributed as part of the "Blackhole" exploit kit, that exploits a vulnerability described in CVE-2011-2110. Successful exploitation by the malware could result in downloading and executing arbitrary files.

Exploit:SWF/Blacole.K is a malicious Adobe Shockwave (.SWF) code that exploits a vulnerability in certain versions of Adobe Flash Player that could result in redirecting the web browser or downloading and executing arbitrary files. The vulnerability is discussed in the following articles:

• CVE-2011-2110
• APSB11-18

Windows Defender detects and removes this threat.

Exploit:Win32/ShellCode.gen!C is a generic detection for JavaScript files that have malicious code. Generally, attackers use this malicious code to infect your computer with other malware.

These files are often downloaders which use the malicious code to exploit vulnerabilities in various software.

A vulnerability is like a hole in your software that malware can use (or exploit) to get on your computer. These holes are fixed by installing updates to the vulnerable software; this is why it is extremely important to keep all of the programs on your computer up to date.

See here for information on how to update some software.

As this is a generic detection, we cannot identify the precise files that use this code or the particular exploits that the code uses.

Exploit:Win32/Pdfjsc.YQ is a specially-crafted Portable Document File (PDF), which exploits vulnerabilities in Adobe Acrobat and Adobe Reader discussed in the following articles:

• CVE-2009-0927
• CVE-2010-0188

Exploit:JS/Blacole.AV is a malicious JavaScript that attempts to exploit several vulnerabilities in Adobe Acrobat and Reader. If the exploit is successful in compromising a vulnerable host, it could result in downloading and executing other malware.

Exploit:Win32/Pdfjsc.YX is a specially-crafted JavaScript, which exploits a vulnerability in the Java Runtime Environment, Adobe Acrobat, and Adobe Reader discussed in the following articles:

• CVE-2011-2110
• CVE-2010-0840
• CVE-2007-5659

Exploit:JS/Pdfjsc.Z is an obfuscated JavaScript often distributed through compromised websites. It is designed to exploit several vulnerabilities in the web browser.