PC Security Shield Virus Alert: JPEG-Exploit.Downloader.4098
Also Known As: JPEG-Exploit/Downloader.4098 [Ahnlab]
Type: Trojan Horse
Systems Affected: Win32
Resident in System Memory: No
Origin: Bulgaria
Encryption: No
Discovered on: 09/23/2006
How it spread: downloads
Infection symptoms: Installs Trojan Horse
Specific date of infections: None
Destructivity / Distribution Potential: ** / ***
ViRobot version able to detect/repair: Unable to detect/repair [Run Latest Microsoft Patch]
Technical Description
Detailed Contents
It is a Trojan horse that exploits the MS04-028 GDI+ buffer overrun vulnerability; it was found on Sept. 23, 2006.
Trojan horses of this kind usually exploit the vulnerability to execute arbitrary operations when a JPEG file is opened. The Trojan horse currently found, however, downloads a file from a specified website.
The files downloaded from the specified website could not be obtained, but most of them are worms or malicious files.
In particular, exploits for this vulnerability can be modified to produce a variety of symptoms, which can be triggered merely by reading a spam e-mail. You should therefore be careful about opening any suspicious file, including JPEG files, until the security patch has been applied.
Affected systems
- The Trojan horse currently found works as intended only on Windows XP Service Pack 1 (English version). On all other Windows systems, no symptoms or errors occur and the Trojan horse's infection symptoms are not triggered, even if a JPEG file containing the exploit code is opened.