JS/Exploit

Category: Misunderstanding Discovered On: 30 Apr 2002
Type: misunderstanding Updated On: 10 Oct 2006
Aliases: JS.Exception, HTML.VmExploit

Description

JS.Exploit is not a virus, but rather an exploit that takes advantage of a security vulnerability in some versions of Microsoft Internet Explorer, Outlook and Outlook Express.

Some anti-virus products may report HTML code as exploiting this vulnerability, even if the code does not contain a virus. For instance, the vulnerability is sometimes used by pornographic and online gambling websites.

Microsoft has released a patch which reportedly fixes the vulnerability. For further information and to download a patch, please view Microsoft Security Bulletin (MS00-075).

Furthermore, Sophos recommends that customers who are concerned they may have encountered a virus that Sophos Anti-Virus does not detect should send a sample for analysis.

Threat Level

Threat Level:

Learn more