Home / malware Exploit:Win32/CVE-2010-1885.A
First posted on 06 March 2020.
Source: MicrosoftAliases :
Exploit:Win32/CVE-2010-1885.A is also known as CVE-2010-1885, Exploit:Win32/CrossSiteHCP.A, Exploit.HTML.CVE-2010-1885.a, Exploit/Cve-2010-1885, HTML/Exploit.CVE-2010-1885, Exploit.Win32.CVE-2010-1885, Exploit-CVE2010-1885, Mal/HcpExpl-A, TROJ_HCPEXP.A, Exploit.HTML.HCP.a.
Explanation :
Exploit:Win32/CVE-2010-1885.A is a detection for a cross-site scripting method that exploits a vulnerability (CVE-2010-1885) in Windows Help and Support Center that could allow an attacker to run arbitrary code on the local computer. InstallationExploit:Win32/CVE-2010-1885.A may be encountered if a Windows XP/2003 user is enticed to browse a malicious Web page or click on a hyperlink that contains the exploit. The exploit passes a URL (for example, hcp://
) to "helpctr.exe" using specific escape sequences that could result in the execution of arbitrary code. This exploit affects computers running Windows XP/2003 with Internet Explorer 8 (or below) and Windows Media Player 9. Upgrading to Windows Media Player 10 prevents the exploit from running without a prompt. Exploit:Win32/CVE-2010-1885.A downloads TrojanDownloader:JS/Adodb.F, and then downloads and executes another JavaScript component detected as TrojanDownloader:JS/Adodb.G. Additional InformationFor more information about this vulnerability, see the resources below: Microsoft Security Advisory (2219475) Microsoft Security Response Center (MSRC) Blog Common Vulnerabilities and Exposures CVE-2010-1885 Analysis by MSRC Last update 06 March 2020
