We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Exploit:SWF/Blacole.A
Aliases: Exploit.SWF.Blacole (Ikarus) Exploit.SWF.Agent.er (Kaspersky) Troj/SWFDlr-AK (Sophos)
Summary
Exploit:SWF/Blacole.A is a detection for malicious code within specially crafted Adobe Shockwave flash (.SWF) files. The malicious files are commonly distributed via an exploit kit, known as "Blackhole", within compromised webpages. The malware is capable of redirecting a web browser to another specified website and downloading and executing arbitrary files.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
This malware may download or execute other malware that exploits known vulnerabilities in Adobe Shockwave. Install the updates available from the vendor so that your software is no longer affected by these vulnerabilities. You can read more about these vulnerabilities in Shockwave files, as well as where to download the software update from the following links:
