Downloader.Ject

Downloader.Ject is a Trojan horse that attempts to download and install a file by exploiting the vulnerabilities in Internet Explorer (BID 10472, BID 10473). The Trojan is triggered by visiting a Web site that contains the exploit code.

For additional information, read the Microsoft Internet Knowledge Base article Information Services (IIS) 5.0 – Download.Ject Detection and Recovery Advisory (Article 871277).

Microsoft has released a configuration change to protect against this threat. For more information, read the article What You Should Know About Download.Ject.

This vulnerability was originally reported on June 6, 2004. Refer to http://securityfocus.com/archive/1/365293 for additional information.

The Microsoft update that fixes this vulnerability is described in Microsoft Security Bulletin MS04-025. Cumulative Security Update for Internet Explorer (Article 867801).

Note: Virus definitions dated prior to June 16, 2004, may detect this threat as Bloodhound.Exploit.10.

Note: Virus definitions dated June 7th, 2006 or earlier may detect this threat as Download.Ject.