Have you listened to our podcast? Listen now

CVE 2010-1885 exploited in the wild

15 Jun 2010 0 Malware, SophosLabs, Vulnerability

by Donato Ferrante

The recent Microsoft Windows Help and Support Center vulnerability (CVE 2010-1885) is being exploited in the wild.

Today, we got the first pro-active detection (Sus/HcpExpl-A) on malware that is spreading via a compromised website.

This malware downloads and executes an additional malicious component (Troj/Drop-FS) on the victim’s computer, by exploiting this vulnerability.

More details about CVE 2010-1885 can be found in our report here.

We detect this malware family as: Mal/HcpExpl-A.

Free tools

Sophos Firewall Home Edition

Boost your home network security.

Sophos Scan & Clean

Free second-opinion scanner for PCs.

Sophos Cloud Optix

Monitor 25 cloud assets for free.

What do you think? Cancel reply

Recommended reads

Mar16

by Paul Ducklin

1

S3 Ep 126: The price of fast fashion (and feature creep) [Audio + Text]

Jan17

by Paul Ducklin

10

Serious Security: Unravelling the LifeLock “hacked passwords” story

Mar14

by Paul Ducklin

6

Firefox 111 patches 11 holes, but not 1 zero-day among them…