Content
Exploit-TaroDrop.c
- Type
- Trojan
- SubType
- Exploit
- Discovery Date
- 08/06/2007
- Length
- Varies
- Minimum DAT
- 5091 (08/06/2007)
- Updated DAT
- 5294 (05/13/2008)
- Minimum Engine
- 5.1.00
- Description Added
- 08/06/2007
- Description Modified
- 08/09/2007 6:39 PM (PT)
Tab Navigation
Characteristics
Symptoms
Method of Infection
Removal
All Users:
Use current engine and DAT files for detection and removal.
Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).
Variants
Variants
N/A
All Information
Overview -
-- Update: August 9, 2007 --
JustSytems has released a patch for the vulnerability, see:
http://www.justsystem.co.jp/info/pd7003.html (in Japanese)
This is a generic detection that covers files attempting to exploit a new vulnerability in Justsystem Ichitaro discovered in August 2007.
A patch for this vulnerability is currently being developed by the vendor. Japanese users of this application may find more information on the vulnerability and its patch at:
http://www.justsystem.co.jp/info/pd7003.html (in Japanese)
Ichitaro is a Japanese word processing application provided by JustSystem.Exploit code with malicious payload has been found to be used in the wild.
This threat was detected as Exploit-TaroDrop.b trojan with DAT 5090 (August 3rd 2007).
Characteristics
Characteristics -
Symptoms
Symptoms -
Method of Infection
Method of Infection -
Removal -
Removal -
All Users:
Use current engine and DAT files for detection and removal.
Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).
Additional Windows ME/XP removal considerations
Variants
Variants -
N/A
