Home / malwarePDF  

Exploit:Java/ByteVerify


First posted on 15 February 2019.
Source: Microsoft

Aliases :

Exploit:Java/ByteVerify is also known as Java/Shinwow.AT, Trojan-Downloader.Java.OpenConnection.aa, Exploit-ByteVerify, Java/Byteverify.K, Troj/ByteVeri-N, Trojan.ByteVerify, JAVA_BYTEVER.A.

Explanation :

Exploit:Java/ByteVerify is a detection of malicious code that attempts to exploit a vulnerability in the Microsoft Virtual Machine (VM). The VM enables Java programs to run on Windows platforms. The Microsoft Java VM is included in most versions of Windows and Internet Explorer. In some versions of the Microsoft VM, a vulnerability exists because of a flaw in the way the ByteCode Verifier checks code when it is initially being loaded by the Microsoft VM. The ByteCode Verifier is a low level process in the Microsoft VM that is responsible for checking the validity of code - or byte code - as it is initially being loaded into the Microsoft VM. This flaw enables attackers to execute arbitrary code on a user's machine such as writing, downloading and executing additional malware. This vulnerability is addressed by update MS03-011, released in 2003.

Last update 15 February 2019

 

TOP