Discovered: March 28, 2005
Updated: February 13, 2007 12:35:55 PM
Type: Trojan Horse
Systems Affected: Windows XP
Trojan.Phel.B is a Trojan horse that is distributed as an .html file and attempts to exploit the Microsoft Internet Explorer HTML Help Control Local Zone Security Restriction Bypass vulnerability (
described in Microsoft Security Bulletin MS05-001). If the Trojan is successful, it downloads
Downloader.Psyme.
Note: This threat will only run in Windows XP Service Pack 2.
Protection
-
Initial Rapid Release version March 25, 2005
-
Latest Rapid Release version August 20, 2008 revision 017
-
Initial Daily Certified version March 25, 2005
-
Latest Daily Certified version August 20, 2008 revision 016
-
Initial Weekly Certified release date March 30, 2005
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 0 - 2
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Easy
Damage
Distribution
Writeup By: Masaki Suenaga
