Skip to main content
Published Nov 14, 2014 | Updated Sep 15, 2017

Exploit:SWF/Axpergle

Summary

Windows Defender detects this threat.

This threat is a detection for specially-crafted Shockwave Flash (.SWF) files that attempt to exploit software vulnerabilities in Adobe Flash Player known as part of the Angler exploit kit. We have seen this threat exploit the CVE-2014-8439, CVE-2015-0310, CVE-2015-0311, CVE-2015-0313 vulnerabilities.

It uses an Adobe Flash Player  vulnerability to download and run files on your PC, including malware.

The exploit is also called Angler.

The following versions of Adobe Flash Player are vulnerable:

  • Adobe Flash Player 16.0.0.296 and earlier versions
  • Adobe Flash Player 13.0.0.264 and earlier 13.x versions
  • Adobe Flash Player 11.2.202.440 and earlier 11.x versions

You might get an alert about this threat even if you're not using a vulnerable version of Adobe Flash Player. This is because we detect when a website tries to use the vulnerability, even if it isn't successful.

To learn more about how this threat is being used by cybercriminals,

Read: Exploit kits remain a cybercrime staple against outdated software – 2016 threat landscape review series

Find out ways that malware can get on your PC.

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find hidden malware.

Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

Update Adobe products

Make sure you install all available Adobe updates. You can read more about this vulnerability and download software updates from these links:

It's also important to keep your other software up to date:

Enable MAPS 

Enable the Microsoft Active Protection Service (MAPS) on your system to protect your enterprise software security infrastructure in the cloud.

  1. Check if MAPS is enabled in your Microsoft security product:

    1. Select Settings and then select MAPS.

    2. Select Advanced membership, then click Save changes. With the MAPS option enabled, your Microsoft anti-malware security product can take full advantage of Microsoft's cloud protection service

  2. Join the Microsoft Active Protection Service Community.  
Follow us