Downloader.Ject

Downloader.Ject is a Trojan horse that attempts to download and install a file by exploiting the vulnerabilities in Internet Explorer (BID 10472, BID 10473). The Trojan is triggered by visiting a Web site that contains the exploit code.

For additional information, read the Microsoft Internet Knowledge Base article Information Services (IIS) 5.0 – Download.Ject Detection and Recovery Advisory (Article 871277).

Microsoft has released a configuration change to protect against this threat. For more information, read the article What You Should Know About Download.Ject.

This vulnerability was originally reported on June 6, 2004. Refer to http://securityfocus.com/archive/1/365293 for additional information.

The Microsoft update that fixes this vulnerability is described in Microsoft Security Bulletin MS04-025. Cumulative Security Update for Internet Explorer (Article 867801).

Note: Virus definitions dated prior to June 16, 2004, may detect this threat as Bloodhound.Exploit.10.

Note: Virus definitions dated June 7th, 2006 or earlier may detect this threat as Download.Ject.

Protection

• Initial Rapid Release version June 16, 2004
• Latest Rapid Release version August 20, 2008 revision 017
• Initial Daily Certified version June 16, 2004 revision 036
• Latest Daily Certified version August 20, 2008 revision 016
• Initial Weekly Certified release date June 16, 2004

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

• Wild Level: Low
• Number of Infections: 50 - 999
• Number of Sites: More than 10
• Geographical Distribution: Low
• Threat Containment: Easy
• Removal: Moderate

Damage

• Damage Level: Low

Distribution

• Distribution Level: Low