Downloader Trojan Exploits Hole in IE 7

Look in this specific forum for newly found security threats which may not yet be covered by your usual security software

Moderators: Admin Team, Moderators

User avatar
Site Admin
Site Admin
Posts: 15995
Joined: Fri Jan 28, 2005 5:16 pm
Area Of Expertise: Security
experience: I know the functions, OS settings, registry tweaks and more
PC time: What else is there in life?
Location: PHX, AZ

Downloader Trojan Exploits Hole in IE 7

Postby TeMerc » Tue Dec 09, 2008 10:53 am

Tuesday December 9, 2008 at 7:48 am CST
Posted by Geok Meng Ong and Xiaobo Chen

Today, many Internet users in China have reported an infection, presumably from browsing the web using a fully patched version of Microsoft Internet Explorer 7.x. My colleague Xiaobo Chen and I investigated the incident and found it to be an active exploit containing downloader shellcode that installs the Downloader-AZN Trojan (proactively detected as New Malware.n since 2005 when scanning with heuristics enabled).

The root cause was found to be the incorrect handling of certain XML tags in Internet Explorer 7.x that references already freed memory in the mshtml.dll.

0-= Continued @ Avert Labs


Who is online

Users browsing this forum: No registered users and 2 guests