HTML_EXPLOYT.AE
Posted: July 4, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 8/10 |
---|---|
Infected PCs: | 9 |
First Seen: | July 4, 2012 |
---|---|
Last Seen: | October 3, 2021 |
OS(es) Affected: | Windows |
HTML_EXPLOYT.AE is a web page-based PC threat that exploits a recently-uncovered (and, as of the time of this writing, still unpatched) vulnerability in Internet Explorer, CVE-2012-1889. In theory, this exploit can be used to install other PC threats. However, current versions of HTML_EXPLOYT.AE include flaws that fail to bypass Microsoft's default security, which causes Internet Explorer to crash instead of being exploited to attack your computer. In spite of this, SpywareRemove.com malware researchers still recommend that you avoid any potential contact with HTML_EXPLOYT.AE, since HTML_EXPLOYT.AE may be updated for full (and non-crash-inducing) functionality later on – especially since there are already other PC threats in the wild that are capable of using CVE-2012-1889 to full effect.
HTML_EXPLOYT.AE: Halfway to Your PC Through IE... and Then Stopping
HTML_EXPLOYT.AE doesn't have an explicit means of propagation or marketing itself, but HTML_EXPLOYT.AE can be found in spam e-mail links, browser redirect attacks or malicious sites that inflate their search engine rankings. The HTML_EXPLOYT.AE website exploit can only function in Internet Explorer, as the vulnerability that HTML_EXPLOYT.AE targets is built-in to Microsoft's XML Core Services and is inapplicable to other brands of web browsers.
SpywareRemove.com malware researchers have noted that the key trait of HTML_EXPLOYT.AE is that its half-baked attempt at bypassing Microsoft's own security: unlike similar PC threats (such as Sus/20121889-A or Exp/20121889-A), HTML_EXPLOYT.AE doesn't include any means of bypassing the DEP or Data Execution Prevention feature. In practical terms, what this means for victims of HTML_EXPLOYT.AE is that Internet Explorer will crash as soon as a web page that hosts HTML_EXPLOYT.AE is loaded. However, other PC threats that are designed to make up for HTML_EXPLOYT.AE's failings are perfectly capable of using this exploit to run malicious code on your PC without your consent.
Keeping This Browser-Crashing Bug Off Your Browser
Since HTML_EXPLOYT.AE may receive updates in the future that allow HTML_EXPLOYT.AE to complete HTML_EXPLOYT.AE attacks successfully, SpywareRemove.com malware researchers recommend that you avoid potential attack routes for HTML_EXPLOYT.AE. These routes can include links that are embedded in e-mail or instant-messaging spam, disreputable sites that have been confirmed to have poor reputations on the web and sites that are promoted by browser-redirecting PC threats. However, HTML_EXPLOYT.AE attacks that cause observable Internet Explorer crashes aren't likely to result in an infection, although the same web page may also use other attacks besides HTML_EXPLOYT.AE.
Like the CVE-2012-1889 exploit that HTML_EXPLOYT.AE halfheartedly abuses, HTML_EXPLOYT.AE is a recently-identified PC threat. Anti-malware software has the best chance of protecting your PC from HTML_EXPLOYT.AE if you keep all threat databases updated. In cases where you're using competent web security programs with updated threat definitions, SpywareRemove.com malware analysts note that HTML_EXPLOYT.AE should be blocked before HTML_EXPLOYT.AE ever loads in IE in the first place.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.