I've found a trojan "Exploit.CVE-2013-0028" on my iMac. What damage could it have done?
Using ClamXAV, I found this trojan and isolated it, however, I'm wondering what it could have done before it was isolated?
OS X Mountain Lion (10.8.2)
Using ClamXAV, I found this trojan and isolated it, however, I'm wondering what it could have done before it was isolated?
OS X Mountain Lion (10.8.2)
That's a Windows virus that must only show up if you have Internet Explorer 6 to 9. See > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0028
Have you got Windows on your Mac? That only appears with Windows systems, and it's a critical bug, so start into Windows and install all available updates with Windows Update, and that security bug will be removed. It's a so dangerous virus for Windows, so after installing the update, install an antivirus in Windows (like Microsoft Security Essentials) and delete the virus
Thank you for your quick reply, but NO, I don't have Windows or any Microsoftware on my iMac that I know of; I'd had a gut-full of Microsoft at work and made sure it never came near my home computer.
The location of it was here as indicated in the Scan Log:
Scanning/Users/"login name"/Library/Safari/ReadingListArchives/(lengthy alpha-numeric)/Page.webarchive: HTML.Exploit.CVE_2013_0028 FOUND
Would it have been benign if it only works with Microsoft?
Looking to the directory where it's stored, I think it's a "false positive". You visited a website (and saved it into Reading List) that may contain that virus, but as you are using OS X, you don't have to worry about it because it doesn't affect OS X.
Anyway, if you want to delete that file, I suggest you to restore Safari to default settings and run ClamXav again
Thank you so much ! That's such a relief. After my experiences with viruses on Windows machines at work, I break out into a cold sweat whenever I think the little critters have gotten their claws into my iMac.
You are welcome.
Be careful if you connect a USB drive or external drive to the iMac that you are going to use with a PC. Your Mac may transfer the virus to other computers, and that's why I recommend you to delete it
Understood, and will do !
BananaBike wrote:
Using ClamXAV, I found this trojan and isolated it, however, I'm wondering what it could have done before it was isolated?
Not sure where you got the idea it was a Trojan. It is an exploit from a web page you visited that would take advantage of a vulnerability in Microsoft Internet Explorer 6 through 9 if you were using it in Windows. Not a false positive at all, but also nothing that could impact OS X. If it were, the infection name would most likely contain the letters "OSX". ClamXav uses a multi-platform database which will detect malware of most any platform. It can't harm you if left where it is, but using either ClamXav, Safari or the Finder to delete it is fine.
I've found a trojan "Exploit.CVE-2013-0028" on my iMac. What damage could it have done?