Discovered: June 15, 2004
Updated: February 13, 2007 12:24:26 PM
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 98, Windows Me, Windows NT, Windows XP
Downloader.Ject is a Trojan horse that attempts to download and install a file by exploiting the vulnerabilities in Internet Explorer (BID 10472, BID 10473). The Trojan is triggered by visiting a Web site that contains the exploit code.
For additional information, read the Microsoft Internet Knowledge Base article
Information Services (IIS) 5.0 – Download.Ject Detection and Recovery Advisory (Article 871277).
Microsoft has released a configuration change to protect against this threat. For more information, read the article
What You Should Know About Download.Ject.
This vulnerability was originally reported on June 6, 2004. Refer to
http://securityfocus.com/archive/1/365293 for additional information.
The Microsoft update that fixes this vulnerability is described in
Microsoft Security Bulletin MS04-025. Cumulative Security Update for Internet Explorer (Article 867801).
Note: Virus definitions dated prior to June 16, 2004, may detect this threat as Bloodhound.Exploit.10.
Note: Virus definitions dated June 7th, 2006 or earlier may detect this threat as Download.Ject.
Protection
-
Initial Rapid Release version June 16, 2004
-
Latest Rapid Release version August 20, 2008 revision 017
-
Initial Daily Certified version June 16, 2004 revision 036
-
Latest Daily Certified version August 20, 2008 revision 016
-
Initial Weekly Certified release date June 16, 2004
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 50 - 999
-
Number of Sites: More than 10
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Moderate
Damage
Distribution
Writeup By: Neal Hindocha
