|
|
发表于 2004-12-15 15:22:18
|
显示全部楼层
ViRUS NAME :JS_BAIDU.A0 s- F* l* m! w* M4 p9 v# j" M# v
0 V: q8 K( _" Z: d: _
0 W4 ^8 c0 A* Y2 S2 X5 S1 G) PQUICK LINKS Solution | Understanding New Pattern Format
5 Q* x" G: k6 @+ P
0 d8 ~8 p7 l0 L--------------------------------------------------------------------------------& [- E |1 ?: e' b! c8 s
* |1 c" z0 e% O$ e( y6 @; I/ cVirus type: JavaScript 7 b: j( c4 W6 B/ H8 F
( ~4 z/ q. u* ~) k" m
Destructive: No 4 ~2 c0 _* o9 t' g: S. e! S
" o" Y( S+ y! M" \. \' F" [ [9 ~Pattern file needed: 2.292.08 . f0 |' p* X- m- I% w
- M; f) t$ u7 p: H% K* {Scan engine needed: 6.810
$ T9 b. F7 I: G6 E( Z5 s; N " i$ F2 W7 U" [7 d: m0 b
Overall risk rating: Very Low
9 [" N& D6 M2 u5 o/ x, A* d8 s2 B: ]! F, _! _
--------------------------------------------------------------------------------
- O* {8 b% {. _ ; J1 p ?/ ?* t; |+ Z
Reported infections: Low
5 U8 o7 `! m4 R+ H4 S- U8 q$ D
* `/ d; I: \6 p+ wDamage Potential: Low 6 x# G& Y: ~* s' c* }: z- H3 B$ Q f
( U- y& h/ k$ YDistribution Potential: Low 3 `; ?' x1 \1 m8 `3 E5 u
4 ^9 x- E3 V$ a. e + @! G9 Z: E: z4 X
7 [- i+ P: B' l) G) G% `( F& a1 h2 _--------------------------------------------------------------------------------
. ~0 {$ l) U4 _+ V4 p / L% A& x( O3 J) v4 O5 j
Description:
2 t. I# {( }( w' H. Z% ~) F. k) M# h
X9 s; |4 ?- r5 G, H X
; a y% D5 m* ~( Z N; B- x! D# x3 H/ y
This malicious JS script may reside in an HTML file or in a malicious Web site.
V: Z d: _) ]! ?% Y* y0 u0 _" @0 v2 D. t( c' X4 u5 N' M
Upon execution, this JS script automatically downloads from the URL http://barai<BLOCKED>.com/update/Search.cab. 3 r! z' Y6 n6 R5 Z" D% P v' M
1 `( K# E$ G" W' ~# {! K1 lIt exploits a codebase vulnerability in Internet Explorer, which allows automatic execution of files.
* p; c8 Y; D0 o+ I& t5 J: X: }5 m: G; k- H
It runs on Windows 95, 98, ME, NT, 2000, and XP. |
|
楼主