1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Suspicious Executable File Download 3

Web Attack: Suspicious Executable File Download 3

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects malicious executable download coming from browser in the form of javascript attacks.

Additional Information

The script tag can be used to specify any file. If an image file is specified, the server will deliver the script (named script.jpg), but with a content-type of image/jpeg.

Affected

  • Internet Explorer (all versions)
  • Firefox (all versions)

Response

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.

1. Restart the computer using the Windows Recovery Console.
2. Disable System Restore (Windows Me/XP).
3. Update the virus definitions.
4. Run a full system scan.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube