Last Tuesday Microsoft released a Security Bulletin (MS09-002) for critical vulnerabilities which affected its Internet Explorer browser. The vulnerability exists because of improper error handling when accessing deleted objects and allows remote code execution through a specially crafted website.

Exploit Code

This week a few websites in China started to actively exploit this vulnerability and the malware (jc.exe & wininet.dll) is detected as Spyware/Virtumonde. The websites involved in this example have been blocked by Panda’s Identity Protect Technology, which will block Panda's users before reaching the exploit sites.

   We recommend applying Microsoft's patch immediately.