Hi,
Ik krijg al 4 dagen ineens een virus melding van deze file ... althans, het is meer een security threat. Is dit vanwege iets wat via Internet Explorer geinstalleerd staa, want ik heb Java VM al een tijd geleden geinstalleerd.
"Virus Profile: Exploit-ByteVerify
Risk Assessment
- Home Users: Low
- Corporate Users: Low
Date Discovered: 4/9/2003
Date Added: 4/22/2003
Origin: N/A
Length: Varies
Type: Trojan
SubType: Exploit
DAT Required: 4258
Virus Characteristics
This detection covers Java applets that attempt to exploit the Microsoft Security Bulletin MS03-011 vulnerability. The severity of this vulnerability is considered to be critical. It allows an attacker to execute malicious code, simply by visiting an infectious website. Detections of this exploit do not necessarily mean that any malicious code was executed. It simply means that a Java applet was found to contain the exploit code. Conversely malicious code may have been run, which could result in any number of modifications to the system.
All vulnerable systems should apply the patch from Microsoft. Patched systems are immune from the effects of the exploit code. However, detection will still occur on files attempting to make use of this exploit.
Indications of Infection
There are no obvious signs of infection. AVERT has received field samples that use this exploit to create a registry script file, and merge it into the system registry. This script simply altered the default start page of Internet Explorer.
Method of Infection
This exploit makes use of a security vulnerability affecting Internet Explorer and certain email clients, such as Outlook and Outlook Express.
Removal Instructions
All Users:
Use current engine and DAT files for detection. Delete any file which contains this detection.
Additional Windows ME/XP removal considerations"
Ik heb de PC wel gepatched natuurlijk (XP), kan ik het dan negeren? Of moet ik die file wegmikken?
Ik krijg al 4 dagen ineens een virus melding van deze file ... althans, het is meer een security threat. Is dit vanwege iets wat via Internet Explorer geinstalleerd staa, want ik heb Java VM al een tijd geleden geinstalleerd.
"Virus Profile: Exploit-ByteVerify
Risk Assessment
- Home Users: Low
- Corporate Users: Low
Date Discovered: 4/9/2003
Date Added: 4/22/2003
Origin: N/A
Length: Varies
Type: Trojan
SubType: Exploit
DAT Required: 4258
Virus Characteristics
This detection covers Java applets that attempt to exploit the Microsoft Security Bulletin MS03-011 vulnerability. The severity of this vulnerability is considered to be critical. It allows an attacker to execute malicious code, simply by visiting an infectious website. Detections of this exploit do not necessarily mean that any malicious code was executed. It simply means that a Java applet was found to contain the exploit code. Conversely malicious code may have been run, which could result in any number of modifications to the system.
All vulnerable systems should apply the patch from Microsoft. Patched systems are immune from the effects of the exploit code. However, detection will still occur on files attempting to make use of this exploit.
Indications of Infection
There are no obvious signs of infection. AVERT has received field samples that use this exploit to create a registry script file, and merge it into the system registry. This script simply altered the default start page of Internet Explorer.
Method of Infection
This exploit makes use of a security vulnerability affecting Internet Explorer and certain email clients, such as Outlook and Outlook Express.
Removal Instructions
All Users:
Use current engine and DAT files for detection. Delete any file which contains this detection.
Additional Windows ME/XP removal considerations"
Ik heb de PC wel gepatched natuurlijk (XP), kan ik het dan negeren? Of moet ik die file wegmikken?
:strip_exif()/u/53157/thai4.gif?f=community)