Exploit.Html.MhtRedir.Gen( Exploit.HTML.Mht (Kaspersky), Exploit-MhtRedir.gen (McAfee) )
SYMPTOMS: This type of threat is most of the times transparent to the user. It is almost impossible for a normal user to detect it. Browsing an unsafe site, a page may contain this exploit, and automatically execute it (without any interaction from the user) thus downloading and executing an executable file from the internet onto the local computer.TECHNICAL DESCRIPTION: This threat resides in a specially crafted html file that may download and execute the content of a CHM file, using the Microsoft Internet Explorer MS-ITS Protocol Zone Bypass Vulnerability exploit described hereRemoval instructions: It is recommended that you do not allow execution of this type of html files and DELETE these files.ANALYZED BY: Patrik Vicol, virus researcher |
