Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MS05-037: Trojan.Jevprox - Low risk IE exploit


  • Please log in to reply
2 replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:04:34 PM

Posted 18 July 2005 - 09:37 PM

A new trojan horse exploit manipulates an IE Java vulnerability patched in July. This is not widespread and it is low risk overall. Please be sure you are on the latest Microsoft patches through Windows Update as other exploits could also manipulate this security vulnerability.

MS05-037: Trojan.Jevprox - Low risk IE exploit

Trojan.Jevprox is a downloader Trojan that exploits the Microsoft Internet Explorer Javaprxy.DLL COM Object Instantiation Heap Overflow Vulnerability described in Microsoft Security Bulletin MS05-037

Edited by harrywaldron, 18 July 2005 - 09:47 PM.


BC AdBot (Login to Remove)

 


m

#2 Deodar

Deodar

  • Members
  • 83 posts
  • OFFLINE
  •  
  • Location:41'00"S174'.00"E
  • Local time:03:34 PM

Posted 21 July 2005 - 09:32 AM

Thanks for the intelligence report Harry. I just encountered and dl'd
Swat It, intriguing specs for anti trojan software.https://onesecond-128
bit- encryption.net????-is that security or what?? Real link was
http://swatit.org/download.html it's a free pro version??Exciting when
new software appears,especially spywarrior apps.

#3 harrywaldron

harrywaldron

    Security Reporter

  • Topic Starter

  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:04:34 PM

Posted 22 July 2005 - 05:48 AM

Hi - The key protection is to ensure you are up-to-date on all Microsoft security bulletins each month :thumbsup: If you perform a Windows Update each 2nd Tuesday of the month (or wait until the next day), you'll be keeping your system protected from the reverse engineering of code that occurs on every update.

I've not used Swat-IT but it sounds like a good tool. Using Antivirus software, a good firewall, and best practices will help also :flowers:

There's also a new "MS05-036: Color Management Exploit Code in Wild" exploit that is based on vulnerabilities patched by Microsoft in July, that I'll also be warning about in a few minutes :trumpet:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users