본문 바로가기
IT 보안소식

소포스(Sophos), CVE 2010-1885 exploited in the wild

by 잡다한 처리 2010. 6. 16.
반응형


보안업체 소포스(Sophos)에서 도움말 및 지원센터에 대한 취약점(CVE 2010-1885)을 사용한 악성코드가 발견되었다고 한다.

플리즈, 기브미 샘플 ㅠ_ㅠ

The recent Microsoft Windows Help and Support Center vulnerability (CVE 2010-1885) is being exploited in the wild.

Today, we got the first pro-active detection (Sus/HcpExpl-A) on malware that is spreading via a compromised website.

This malware downloads and executes an additional malicious component (Troj/Drop-FS) on the victim’s computer, by exploiting this vulnerability.

More details about CVE 2010-1885 can be found in our report here.

We detect this malware family as: Mal/HcpExpl-A.



댓글