We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Exploit:JS/Blacole.GB
Aliases: No associated aliases
Summary
Windows Defender detects and removes this threat.
You should also update your software to be fully protected.
This threat is a type of malware which tries to infect your computer with other malware, such as trojans and viruses.
It belongs to the Blacole family of malware, which together are known as the Blacole (or "Blackhole") exploit kit.
See our page about exploits and learn how to update common software.
When you visit a malicious or compromised website, Blacole scans your computer for vulnerabilities or weaknesses in your software. It then uses those vulnerabilities to download malware onto your computer:
Typically, the Blacole exploit kit attempts to exploit vulnerabilities in applications such as Oracle Java, Sun Java, Adobe Acrobat and Adobe Reader.
Run antivirus or antimalware software
Use the following free Microsoft software to detect and remove this threat:
- Microsoft Defender Antivirus for Windows 8.1 and Windows 10, or Microsoft Security Essentials for Windows 7 and Windows Vista
- Microsoft Safety Scanner
You should also run a full scan. A full scan might find hidden malware.
Keep your software and AV tool updated to prevent Blacole from infecting your computer with more malware.
You can read more about this vulnerability and download software updates from these links:
You should remove older versions of Java that are still present. Keeping old and unsupported versions of Java on your system presents a serious security risk. You can read more about why you should remove older versions of Java in the following article:
A detection for this exploit may be triggered from your Java cache if a previous attempt at exploit has been made. We recommend that you delete your temporary Java files to prevent a persistent detection of this exploit. For instructions on how to delete temporary Java files, please see the following article: