We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Exploit:JS/Blacole.AV
Aliases: Script/PDF.Exploit (AVG) EXP/Pidief.SY.2.F (Avira) Exploit.PDF-JS.Gen (BitDefender) Exploit.PDF.1858 (Dr.Web) JS/Exploit.Pdfka.OOE.Gen (ESET) Exploit.JS.Pdfka.dcu (Kaspersky) Suspicious-PDF.gen (McAfee) JS/Pdfjsc.W (Norman) Mal/PDFJs-W (Sophos)
Summary
Exploit:JS/Blacole.AV is a malicious JavaScript that attempts to exploit several vulnerabilities in Adobe Acrobat and Reader. If the exploit is successful in compromising a vulnerable host, it could result in downloading and executing other malware.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
This threat exploits numerous vulnerabilities in applications including Oracle Java, Sun Java, Adobe Acrobat and Adobe Reader. Install applicable updates available from the vendor as these software updates provided enhanced security and mitigate vulnerabilities. You can read more about the vulnerabilities targeted by this malware and where to download available software updates from the following links:
- CVE-2006-0003 and Microsoft Security Bulletin MS06-014
- CVE-2007-5659 and Adobe Security Bulletin APSB08-13
- CVE-2008-2992 and Adobe Security Bulletin APSB08-19
- CVE-2009-0927 and Adobe Security Bulletin APSB09-04
- CVE-2009-1671 and Java JRE updates
- CVE-2009-4324 and Adobe Security Bulletin APSB10-02
- CVE-2010-0188 and Adobe Security Bulletin APSB10-07
- CVE-2010-0840 and Java JRE updates
- CVE-2010-0842 and Java JRE updates
- CVE-2010-0886 and Java SE updates
- CVE-2010-1423 and Java SE updates
- CVE-2010-1885 and Microsoft Security Advisory (2219475)
- CVE-2010-3552 and Oracle Java SE Update Advisory October 2010
- CVE-2010-4452 and Oracle Java SE Update Advisory February 2011
- CVE-2011-2110 and Adobe Security Bulletin APSB11-18
- CVE-2011-3544 and Oracle Java SE Update Advisory October 2011
- Download Java updates
In addition to Microsoft Windows update, third-party applications are available to assist in maintaining software updates, which include enhancements and security updates, for applications such as Oracle Java, Sun Java and Adobe Acrobat and Reader.
