Home / malwarePDF  

Trojan.Exploit.SSV


First posted on 21 November 2011.
Source: BitDefender

Aliases :

There are no other names known for Trojan.Exploit.SSV.

Explanation :

The malware exploits a vulnerability in the ActiveX control for the Snapshot Viewer present in some versions of Microsoft Access.

It downloads a file onto the affected computer which may be a piece of malware and uses this CLSID {F0E42D50-368C-11D0-AD81-00A0C90DC8D9} that belongs to Snapshot Viewer for Microsoft Access. The vulnerability presents itself in the snapview.ocx found in different Microsoft Access packages and the standalone product.

The file is downloaded in an arbitrary path which means that it can use tricks to start itself at startup ( "Startup" folder - %Start Menu%ProgramsStartup" ).

You can find out more about this here.

Last update 21 November 2011

 

TOP