Home / malwarePDF  

Trojan:W32/PFV-Exploit


First posted on 20 August 2010.
Source: SecurityHome

Aliases :

There are no other names known for Trojan:W32/PFV-Exploit.

Explanation :

Also known as a trojan horse program, this is a deceptive program that performs additional actions without the user's knowledge or permission. It does not replicate.

Additional DetailsTrojan:W32/PFV-Exploit is a detection for files containing an exploit for a vulnerability in Windows WMF (Windows Metafile) handling. The vulnerability may be exploited either locally or remotely, if an attacker can trick the user into viewing a specially crafted WMF file. Possible attack scenarios are:

€ When user visits malicious web site containing a specially crafted WMF file € When user views malicious WMF file (locally or network share) € When user opens email containing malicious WMF
A new exploit targeting this vulnerability was found in the wild in December 28th 2005.

More

According to Microsoft, the following versions of Windows are affected by the flaw:

€ Windows 2000 SP4 € Windows XP SP1 € Windows XP SP2 € Windows XP Professional x64 € Windows Server 2003 € Windows Server 2003 SP1 € Windows Server 2003 Itanium € Windows Server 2003 Itanium SP1 € Windows Server 2003 x64 € Windows 98SE, ME

Please see the following links for more details:

€ http://www.kb.cert.org/vuls/id/181038 € http://www.microsoft.com/technet/security/advisory/912840.mspx

Last update 20 August 2010

 

TOP