|
Description:
This Trojan is Trend Micro's detection for a modified Windows Metafile (WMF) that takes advantage of an unpatched vulnerability discussed in the following Microsoft page:
This vulnerability is a zero-day exploit that is capable of remote code execution. Zero-day exploits are termed as such because the unpatched vulnerability and its corresponding exploit code are released within the same day. This may pose as a dangerous situation in which a lot of computers may be affected due to the availability of exploit code, and the fact that the vendor has not been given enough time to patch it.
Once successfully exploited, the said vulnerability allows this Trojan to download the possibly malicious file UP.EXE from the following URL:
http://kube.isa-{BLOCKED}.com/wen/up.exe
However, the mentioned link is unavailable as of this writing.
For additional information about this threat, see:
Solution
Technical Details
Description created: Jan. 1, 2006 3:11:21 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
