PC Security Shield Virus Alert: JPEG-Exploit.Downloader.4098

  • Also Known As: JPEG-Exploit/Downloader.4098 [Ahnlab]
  • Type: Trojan Horse
  • Systems Affected: Win32
  • Resident in System Memory: No
  • Origin: Bulgaria
  • Encryption: No
  • How it spread: downloads
  • Infection symptoms: Installs Trojan Horse
  • Specific date of infections: None
  • Destructivity / Distribution Potential: ** / ***

    Technical Description

    Detailed Contents

    It is a Trojan horse that exploits the MS04-028 GDI+ buffer overrun vulnerability. It was found on July 23, 2009.

    Trojan horses of this kind usually exploit the vulnerability to execute arbitrary operations when a JPEG file is opened. The Trojan horse currently found, however, downloads a file from a specified website.

    The files downloaded from the specified website could not be obtained, but most of them are worms or malicious files.

    In particular, exploits for this vulnerability can be varied to produce different symptoms, and can be triggered merely by reading a spam mail. You should therefore be careful about opening any suspicious file, including JPEG files, until the security patch has been applied.

    Infection object system

    - The Trojan horse currently found works as intended only on Windows XP Service Pack 1 (English version). On all other Windows systems, no symptoms or errors occur and the infection does not take place, even if the JPEG file containing the exploit code is opened.
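
    The alert advises caution with JPEG files until the patch is applied; the following is an added example, not part of the original alert or of any vendor tool, that screens a JPEG's header segments before the file reaches an image library. It assumes the publicly documented trigger for MS04-028, a segment (typically the comment segment) whose length field is smaller than 2, which this alert does not itself describe; the function name and sample bytes are constructed for illustration.

```python
import struct

SOI, EOI, SOS = 0xD8, 0xD9, 0xDA
# Markers that stand alone and carry no length field (TEM, SOI, EOI, RST0-RST7).
NO_LENGTH = {0x01, SOI, EOI} | set(range(0xD0, 0xD8))

def find_bad_segments(data: bytes):
    """Return [(offset, marker, declared_length)] for header segments whose
    length field is below 2, the minimum since it counts its own two bytes."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    findings, pos = [], 2
    while pos + 1 < len(data):
        if data[pos] != 0xFF:
            break                      # lost sync, stop walking the header
        marker = data[pos + 1]
        if marker == 0xFF:             # fill byte before a marker
            pos += 1
            continue
        if marker in NO_LENGTH:
            if marker == EOI:
                break
            pos += 2
            continue
        if pos + 4 > len(data):
            break                      # truncated file
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2:
            findings.append((pos, marker, length))
            pos += 4                   # length is untrustworthy; skip past it
            continue
        if marker == SOS:
            break                      # entropy-coded image data follows
        pos += 2 + length
    return findings

# Constructed sample inputs (no image data, no payload): SOI + APP0/JFIF header,
# then a comment segment with a valid length (6) or an invalid one (1).
_APP0 = b"\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
CLEAN = b"\xff\xd8" + _APP0 + b"\xff\xfe\x00\x06test" + b"\xff\xd9"
MALFORMED = b"\xff\xd8" + _APP0 + b"\xff\xfe\x00\x01" + b"AAAA" + b"\xff\xd9"

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("malformed", MALFORMED)):
        hits = find_bad_segments(blob)
        print(name, [(off, hex(m), n) for off, m, n in hits] or "ok")
```

    A non-empty result means the file should be quarantined rather than opened; an empty result only says this one structural check passed.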

    How to repair: [Repair by using The Shield AntiVirus]
