Exploit.Html.MhtRedir.Gen
MEDIUM
MEDIUM
varies
(Exploit.HTML.Mht (Kaspersky), Exploit-MhtRedir.gen (McAfee))
Symptoms
This type of threat is most of the times transparent to the user. It is almost impossible for a normal user to detect it. Browsing an unsafe site, a page may contain this exploit, and automatically execute it (without any interaction from the user) thus downloading and executing an executable file from the internet onto the local computer.
Removal instructions:
It is recommended that you do not allow execution of this type of html files and DELETE these files.
Analyzed By
Patrik Vicol, virus researcher
Technical Description:
This threat resides in a specially crafted html file that may download and execute the content of a CHM file, using the
Microsoft Internet Explorer MS-ITS Protocol Zone Bypass Vulnerability exploit described
here
SHARE
THIS ON