
Exploit-MS06-014

Type: Trojan
SubType: Exploit
Discovery Date: 04/12/2006
Length: Varies
Minimum DAT: 4739 (04/12/2006)
Updated DAT: 5296 (05/15/2008)
Minimum Engine: 5.1.00
Description Added: 04/12/2006
Description Modified: 08/29/2007 11:45 PM (PT)
Risk Assessment:
    Corporate User: Low-Profiled
    Home User: Low-Profiled


Characteristics

-- Update August 29th, 2007 --
The risk assessment of this threat has been updated to Low-Profiled due to media attention at:
http://www.computerworlduk.com/management/security/cybercrime/news/index.cfm?newsid=4889

-- Update August 29th, 2007 --
A recent exploit was discovered in an attack against a United Nations website. When successful, it may download and install BackDoor-AWQ.b and other malware. The 5109 DATs have been enhanced to cover these exploits.
--

This is a generic detection for malicious script files that exploit a vulnerability in the Microsoft Data Access Components (MDAC) functions. These files are most commonly hosted on a hacked or maliciously crafted web page, with the aim of penetrating vulnerable systems via the Internet Explorer web browser.

More details of this vulnerability at:

http://vil.nai.com/vil/content/v_vul23004.htm

 

Symptoms

Internet Explorer may execute arbitrary code or crash upon exploitation.  Any number of subsequent actions may be taken by the malware.

Method of Infection

Users may be lured (such as through spam or spim) to visit a malicious site.  Upon loading the web page, a vulnerable web browser will execute the payload.
 

Removal

AVERT recommends always using the latest DATs and engine. This threat will be cleaned if you have this combination.

Additional Windows ME/XP removal considerations

Variants


    N/A
