Microsoft releases updates to address vulnerabilities exploited by trojan downloader
The trojan attempts to download and install malicious code from a third party site by exploiting vulnerabilities in Microsoft Internet Explorer. Microsoft has now released configuration changes for Windows XP, Windows 2000, and Windows Server 2003, to address these vulnerabilities. Users are encouraged to update their systems as soon as possible by visiting the Windows Update Center.
More information on this trojan and on the vulnerabilities it exploits can be found here:
- Microsoft: What You Should Know About Download.Ject
- Microsoft: Knowledge Base Article 871277
- US-CERT: Cyber Security Alert SA04-184A
Users are encouraged to patch their systems against these vulnerabilities as soon as possible by visiting the Windows Update Center.
After updating the virus signature files, users should scan their whole system with the F-Prot Antivirus OnDemand scanner to ensure that their computer security was not compromised before the virus signature files were updated.
The latest versions of F-Prot Antivirus detect JS/Scob.A@troj using virus signature files dated 1 July 2003 or later.