This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Threat? Not Threat?

Hi!

Earlier this evening, I got a notification that a threat called Exp/MS04-028 had been detected on my system. I went to Quarantine, where I found it listed with a statement that the threat needed to be manually cleaned. I then went onto the Sophos website for information about how to do this. When I then returned to Quarantine, with the intention of trying to remove the threat, the threat was no longer listed--Quarantine was empty!

What does this mean? Is my system infected or not? Do I need to do anything?

Thanks!

Spence

This thread was automatically locked due to age.

0 Agile over 12 years ago

This is an interesting one...
Exp/ refers to exploits as opposed to actual malicious software. This exploit is http://technet.microsoft.com/en-us/security/bulletin/ms04-028
It looks like what happened is your web browser partially downloaded and cached a JPEG image, such that the references in the beginning of the image file were pointing to memory space outside of the file's size (as it was incomplete). When the image finished downloading, this condition went away, and so the threat did as well -- meaning that the quarantine was lifted for the file.
Does this make sense?
:1010534
Cancel
Vote Up 0 Vote Down

Cancel