Trend Micro Virus Alert: EXPL_TXTRANGE.A

Vulnerability Exploit - EXPL_TXTRANGE.A

EXPL_TXTRANGE.A is a zero-day exploit that takes advantage of a vulnerability in the createTextRange Method call process in Internet Explorer. Exploiting this vulnerability enables a user to create a text range within an object. This exploit affects Internet Explorer 6.0 and Internet Explorer 7.0 Beta 2 (January Edition) running on Windows 98, ME, NT, 2000, XP, and Server 2003.

This exploit causes an error in the mentioned text range, which is applied to an affected system's memory and to execute arbitrary codes on the system. It can also download and execute malicious codes on the system.

Zero-day exploits are termed as such because the unpatched vulnerability and its corresponding exploit code are released within the same day. This poses a threat whereby many computers may be affected due to the availability of exploit code, and the fact that vendors do not have much time to patch it.

One malicious JavaScript that uses this exploit is detected by Trend Micro as JS_DLOADER.BXR.

If you would like to scan your computer for EXPL_TXTRANGE.A or any other worms, viruses, Trojans and malicious code visit HouseCall, Trend Micro's free, online virus scanner at: http://housecall.trendmicro.com/