Skip to content

Commit 31cbaff

Browse files
denisebmsftdenisebmsft
committed
Update exploits-malware.md
1 parent 88f2543 commit 31cbaff

File tree

1 file changed

+3
-5
lines changed

1 file changed

+3
-5
lines changed

defender-endpoint/malware/exploits-malware.md

Lines changed: 3 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,7 @@
22
title: Exploits and exploit kits
33
ms.reviewer:
44
description: Learn about how exploits use vulnerabilities in common software to give attackers access to your computer and install other malware.
5-
keywords: security, malware, exploits, exploit kits, prevention, vulnerabilities, Microsoft, Exploit malware family, exploits, java, flash, adobe, update software, prevent exploits, exploit pack, vulnerability, 0-day, holes, weaknesses, attack, Flash, Adobe, out-of-date software, out of date software, update, update software, reinfection, Java cache, reinfected, won't remove, won't clean, still detects, full scan, MSE, Defender, WDSI, MMPC, Microsoft Malware Protection Center
65
ms.service: defender-endpoint
7-
ms.mktglfcycl: secure
86
ms.localizationpriority: medium
97
ms.author: dansimp
108
author: dansimp
@@ -15,7 +13,7 @@ ms.collection:
1513
- tier2
1614
ms.topic: conceptual
1715
search.appverid: met150
18-
ms.date: 03/18/2022
16+
ms.date: 05/30/2024
1917
---
2018

2119
# Exploits and exploit kits
@@ -36,7 +34,7 @@ The infographic below shows how an exploit kit might attempt to exploit a device
3634

3735
*Figure 1. Example of how to exploit kits work*
3836

39-
Several notable threats, including Wannacry, exploit the Server Message Block (SMB) vulnerability CVE-2017-0144 to launch malware.
37+
Notable threats use exploit kits to spread ransomware, including JSSLoader. The threat actor tracked by Microsoft as Storm-0324 (DEV-0324) uses this malware to facilitate access for the ransomware-as-a-service (RaaS) actor [Sangria Tempest](https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/#ELBRUS] (ELBRUS, Carbon Spider, FIN7).
4038

4139
Examples of exploit kits:
4240

@@ -61,4 +59,4 @@ You can read more on the [CVE website](https://cve.mitre.org/).
6159

6260
The best prevention for exploits is to keep your organization's [software up to date](https://portal.msrc.microsoft.com/). Software vendors provide updates for many known vulnerabilities, so make sure these updates are applied to all devices.
6361

64-
For more general tips, see [prevent malware infection](prevent-malware-infection.md).
62+
For more general tips, see [prevent malware infection](prevent-malware-infection.md).

0 commit comments

Comments
 (0)