Microsoft releases updates to address vulnerabilities exploited by trojan downloader

2 July 2004

JS/Scob.A@troj (a.k.a. Download.Ject) is a trojan downloader that has been infecting users of Microsoft Internet Explorer via websites that have the trojan's Javascript code planted within them.

The trojan attempts to download and install malicious code from a third party site by exploiting vulnerabilities in Microsoft Internet Explorer. Microsoft has now released configuration changes for Windows XP, Windows 2000, and Windows Server 2003, to address these vulnerabilities. Users are encouraged to update their systems as soon as possible by visiting the Windows Update Center.

More information on this trojan and on the vulnerabilities it exploits can be found here:

Recommended Reactions

Users are encouraged to patch their systems against these vulnerabilities as soon as possible by visiting the Windows Update Center.

Users should update their virus signature files and make sure they have the latest versions of F-Prot Antivirus installed on their computers.

After updating the virus signature files, users should scan their whole system with the F-Prot Antivirus OnDemand scanner to ensure that their computer security was not compromised before the virus signature files were updated.

Threat Detection

The latest versions of F-Prot Antivirus detect JS/Scob.A@troj using virus signature files dated 1 July 2003 or later.

Commtouch® is a leading developer of anti virus software and anti spam filtering services. Commtouch's anti virus computer software, F-PROT Antivirus, is available for a number of operating systems such as Windows, Linux, BSD, Solaris, and AIX as well as the Microsoft Exchange groupware.

1993-2013 © CYREN