Search
Keyword: microsoft internet explorer
\Software\Microsoft\Direct3D\MostRecentApplication It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\Direct3D\MostRecentApplication Name = "{malware file name}" Dropping Routine
(MS14-075) Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3009712)
CVE-2014-6319 This security update resolves four privately reported vulnerabilities in Microsoft Exchange Server. The most severe of these vulnerabilities could allow elevation of privilege if a user
CVE-2011-1280 This security update addresses a reported vulnerability in Microsoft XML Editor that could allow information disclosure once a user opens a malicious Web Service Discovery (.disco)
Microsoft Host Integration Server has vulnerabilities wherein inputs sent to it are not properly validated. These vulnerabilities could allow denial of service if a remote attacker sends specially
CVE-2010-1892,CVE-2010-1893 This security update addresses vulnerabilities in Microsoft Windows due to an error in processing buffer overflow. Once exploited, it elevates the privilege to
(MS11-079) Vulnerabilities in Microsoft Forefront Unified Access Gateway Could Cause Remote Code Execution (2544641)
CVE-2011-1895,CVE-2011-1896,CVE-2011-1897,CVE-2011-1969,CVE-2011-2012 This update resolves five privately reported vulnerabilities in Microsoft Forefront Unified Access Gateway (UAG). The most severe
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ Microsoft Defender\xef\xbe xa9 Update = "{malware file path and name}" Other Details This Backdoor connects
Microsoft Windows Contacts Remote Code Execution Vulnerability (CVE-2022-44666) Web Client HTTPS 1011699* - GitLab Remote Code Execution Vulnerability (CVE-2022-2884) 1011684* - GitLab Remote Code Execution
* indicates a new version of an existing rule Deep Packet Inspection Rules: Web Client Common 1012141 - Microsoft Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-43461) 1012142 - Microsoft
to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run MicroUpdate = "%User Profile%\My Documents\MSDCSC\msdcsc.exe" Other System
on Windows 2000, Windows Server 2003, and Windows XP (32- and 64-bit); C:\Users\{user name}\AppData\Roaming\Microsoft\Windows\Start Menu on Windows Vista (32- and 64-bit), Windows 7 (32- and 64-bit),
Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Remote Shell Manager = "
This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run y1ag2rtq9f = "%User Profile%
VBS_WIMMIE.SMC then deletes itself and its dropper once its execution is completed. It saves the malicious __EventConsumer as the following: Microsoft WMI Comsumer Security Event_consumer It creates the following
following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Antivirus = "%System Root%\Cache\checker.exe" Other
C:\Windows or C:\WINNT.) Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
backdoor adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run autoload = "%Application Data%
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\4752511254685824 stubpath = "%Program Files%\Common Files\Apple\Mobile Device Support\apple.exe" Other System Modifications This Trojan adds the
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run 1 = "%User Temp%\{malware file name}" Other System Modifications This Trojan modifies the following file(s): %Application Data%\GDIPFONTCACHEV1.DAT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\1210157019252281 stubpath = "%Program Files%\Common Files\Apple\Mobile Device Support\apple.exe" Other System Modifications This Trojan adds the