BitDefender Antivirus
Contact Us | My BitDefender

Exploit.HTML.Agent.AQ

( Exploit.HTML.Agent.AQ )
Spreading: very low
Damage: very low
Size: variable
Discovered: 2008 May 09

SYMPTOMS:

There are no obvious symptoms of infection at an early stage.
 
  
  
  







TECHNICAL DESCRIPTION:

This piece of malicious code is written in javaScript and affects a critical vulnerability of the Microsoft Vector Markup Language. It affects all the computer users running Microsoft Windows operating systems, from Microsoft Windows 2000 Service Pack 4 to Microsoft Windows Server 2003 x64 Edition. Users who already mnigrated to Windows Vista are unafected.

Once executed, the malicious script code downloads and runs an infected exe file located on a compromised webserver (http://www.bluell.cn/[omitted].exe). In order for the attack to succeed, the user must visit a web page infected with the malicious code, or to open specially crafted e-mail message with Microsoft Outlook.

The vulnerability my also be successfully exploited without users' interaction if the mail message is simply rendered within the Outlook e-mail client.

Removal instructions:

Please let BitDefender disinfect your files.

ANALYZED BY:

Suiu Andrei, virus researcher
©   2009 BITDEFENDER SiteMap | Legal Terms | Site Feedback | Global Sites | Privacy Policy