The Antivirus Guy Blog

Keeping people up to date with antivirus and security information

Trend Micro- TROJ_NASCENE.E – Yet another WMF exploit Trojan

Come on Microsoft, where is that patch??

TROJ_NASCENE.E – Description and solution.


This Trojan is a Windows Metafile (WMF) that exploits a known vulnerability in the way specially-crafted WMF images are handled that can lead to arbitrary code execution. For more information about this vulnerability, please refer to this page:

This vulnerability is a zero-day exploit that is capable of remote code execution. Zero-day exploits are termed as such because the unpatched vulnerability and its corresponding exploit code are released within the same day. This may pose as a dangerous situation in which a lot of computers may be affected due to the availability of exploit code, and the fact that the vendor has not been given enough time to patch it.

Upon successful exploitation of this vulnerability, this Trojan connects to a certain Web site and downloads a certain file. Trend Micro detects the said file as ADW_EXFOL.A.


December 30, 2005 - Posted by | Antivirus News, Security News, Virus Outbreaks

No comments yet.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: