Threat Description

Exploit:​W32/JetDb.C

Details

Aliases:Exploit:​W32/JetDb.C
Category:Malware
Type:Exploit
Platform:W32

Summary



This sample arrives together with a malicious MS Word document file as a package or attachment to email messages. The specially crafted file exploits a known Remote Code Execution vulnerability on Microsoft Jet Database Engine.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More

You may wish to refer to the Support Community for further assistance. You also may also refer to General Removal Instructions for a general guide on alternative disinfection actions.



Technical Details



This malware file arrives as a package usually with another maliciously crafted MS Word Document file to be executed.

When loaded, this malware wil then exploit a known Remote-Code-Execution vulnerability on MS Jet Database Engine.

A successful execution of the exploit will result to the file C:\SVCH0ST.EXE to be created and executed on the user's system.






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More