The recent Microsoft Windows Help and Support Center vulnerability (CVE-2010-1885) is being exploited in the wild.
Today, we got the first proactive detection (Sus/HcpExpl-A) on malware that is spreading via a compromised website.
By exploiting this vulnerability, the malware downloads and executes an additional malicious component (Troj/Drop-FS) on the victim’s computer.
More details about CVE-2010-1885 can be found in our report here.
We detect this malware family as Mal/HcpExpl-A.