Exploit.SWF.Gen

MEDIUM
MEDIUM
846

Symptoms

  The presence of some Trojan.PWS files and an outdated version of FlashPlayer

Removal instructions:

This file can't be disinfected. Just keep the shield up. Please let BitDefender disinfect your computer (if the exploit succeeded, it is 99% likely that you have a Trojan.PWS on your computer).

Analyzed By

Alexandru Maximciuc, virus researcher

Technical Description:

Specially crafted SWF (Flash) files allow remote file execution when the client has a vulnerable FlashPlayer. A malformed value in an SWF record triggers a buffer overflow. The size of the SWF files varies. The payload is usually download-and-execute shellcode, used to download and run a PasswordStealer trojan. It seems that all versions of FlashPlayer up to 9.0.124.0 are vulnerable (though we saw malicious pages trying to exploit only versions 115 and 47). We recommend keeping FlashPlayer up to date. Also, keep the BitDefender shield active.