Exploit:Java/CVE-2010-0840.EW

Detected by Microsoft Defender Antivirus

Aliases: Java/Exploit.NF (AVG) Exploit.CVE2010-0840.18 (Dr.Web) Exploit.Java.CVE-2010-0840.db (Kaspersky) Exploit/CVE-2010-0840.R (Norman) Troj/JavaMI-Gen (Sophos) Trojan.Maljava (Symantec)

Summary

Exploit:Java/CVE-2010-0840.EW is a detection for certain malicious Java applets that exploit a vulnerability of privilege escalation, described in CVE-2010-0840. The vulnerability is present in Java Runtime Environment (JRE) versions 5 and 6. Successful exploitation could lead to the download and execution of other malware.

To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:

Microsoft Security Essentials

Windows Live safety scanner

For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.

Update vulnerable applications

This threat exploits known vulnerabilities in the Java Runtime Environment. After removing this threat, make sure that you install the updates available from the vendor. You can read more about these vulnerabilities in Java applets, as well as where to download the software update from the following links:

Over time, multiple vulnerable versions of Java may remain in your computer in separate folders. It is "highly recommended" that users remove all older versions of Java as keeping the older versions on your system present a security risk. See the following FAQ article:

Java FAQ: Why should I remove older versions of Java from my system?

Exploit:Java/CVE-2010-0840.EW

Summary

What to do now

Update vulnerable applications

Technical information

Threat behavior

Payload

Prevention

Symptoms