HTML_IESLICE.A - Description and solution

TrendLabs Malware Blog

Glossary

TrendWatch

TrendLabs Twitter

HTML_IESLICE.A

Overview

Solution

Technical Details

Malware type: Html

Aliases: Exploit.HTML.IESlice.d (Kaspersky), Exploit-CVE2006-3730 (McAfee), Downloader (Symantec), EXP/Iframe.D.4 (Avira), Mal/JSShell-B (Sophos), Exploit:JS/MS05067 (Microsoft)

In the wild: No

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

Reported infections:
Damage potential:		Medium
Distribution potential:		Low

Infection Channel 1 : Spammed via email

Description:

To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

HTML_IESLICE.A Behavior Diagram

Malware Overview

This is the Trend Micro detection for a proof-of-concept HTML file, hosted in a certain Web site, that exploits a new vulnerability in Internet Explorer (IE) that allows the execution of possibly malicious files using the account of the currently logged in user.

The said vulnerability targets the IE�s WebViewFolderIcon ActiveX control. More information can be found in this link.

Note that this detection is a zero-day exploit because it attacks a software vulnerability for which the vendor has not released a patch. This may pose as a dangerous situation in which a lot of computers may be affected due to the availability of the exploit code, and the fact that there is no available patch for the vulnerability.

For additional information about this threat, see:
Solution
Technical Details

Description created: Sep. 27, 2006 8:12:42 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.