Computer Gurus, need help

twotonevert

Also known as: Blackbox Trojan, Exploit-ByteVerify, JS.ByteVerify!exploit, HTML/ByteVerify!exploit, HTML.ByteVerify!exploit, JS/ByteVerify!exploit, Java.ByteVerify!exploit, Java.ByteVerify.exploit, HTML.ByteVerify.exploit, Java/ByteVerify.Exploit.240.Troj, Java ByteVerifyExploit, Java/Shinwow.F.Blackbox.Trojan, Verify

This is what I have, low threat level, but the instructions for removing it do not work. Any help? Please?
 
This is not a virus, but rather a method to exploit a security vulnerability in the Microsoft Virtual Machine. This vulnerability arises as the ByteCode verifier in the Microsoft Virtual Machine does not correctly check for the presence of certain malformed code when a Java applet is loaded. Attackers could exploit this vulnerability by creating malicious Java applets and inserting them into web pages. These web pages could be hosted on a site by a malicious web master, or could be sent to users as an attachment. To read more about this issue, and to download the necessary patches, please visit:

http://www.microsoft.com/technet/security/bulletin/MS03-011.mspx

For more information, or for examples of this exploit in action, please see the description of the following malware (found elsewhere in the encyclopedia):

Java.Shinwow
Note: this detection may be triggered by merely visiting a web page that contains malicious code. It does not necessarily mean your machine has been compromised, nor that your machine is vulnerable to this particular exploit.

-------------------------------------

Removal Instructions
Virus found in the Java™ Runtime Environment, Standard Edition (JRE) cache directory

Malicious applets may be detected in the JRE cache directory by your CA antivirus solution. The default installation path for this directory can be seen below:

C:\Documents and Settings\<username>\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\

These malicious applets are designed to exploit vulnerabilities in the Microsoft VM (for more information on this vulnerability, please see Microsoft Security Bulletin MS03-011).

For more information on these malicious applets and their use, please visit the Sun Microsystems Java Technology Help Knowledgebase here: http://java.com/en/download/help/cache_virus.jsp

Here are the instructions on how to manually remove these malicious applets from the JRE cache directory:

1. From the Start button, click Settings > Control Panel
2. In the Control Panel, open the "Java Plug-in Control Panel"
3. Select the Cache Tab
4. Click the Clear button inside the Cache Tab, which will clear your JRE cache directory
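
A way to check that the Clear step above actually emptied the cache, as an added example that is not part of the original post or the vendor instructions: it hashes every file in the cache directory and lists the .class entries of each JAR, so a before/after comparison shows whether the flagged applet is still on disk. The function names are hypothetical and the path is the default quoted in the post.

```python
import hashlib
import zipfile
from pathlib import Path

# Default JRE cache location quoted in the post; <username> must be filled in.
DEFAULT_CACHE = (r"C:\Documents and Settings\<username>\Application Data"
                 r"\Sun\Java\Deployment\cache\javapi\v1.0\jar")


def inventory_cache(cache_dir):
    """Return one record per cached file: path, SHA-256, and any .class entries."""
    records = []
    for path in sorted(Path(cache_dir).rglob("*")):
        if not path.is_file():
            continue
        digest = hashlib.sha256(path.read_bytes()).hexdigest()
        classes = []
        is_archive = zipfile.is_zipfile(path)
        if is_archive:
            try:
                with zipfile.ZipFile(path) as jar:
                    classes = [n for n in jar.namelist() if n.endswith(".class")]
            except zipfile.BadZipFile:
                is_archive = False  # truncated or malformed archive: keep the hash only
        records.append({"path": path, "sha256": digest,
                        "archive": is_archive, "classes": classes})
    return records


def still_present(before, cache_dir):
    """After clearing the cache, return earlier records whose content is still there."""
    current = {rec["sha256"] for rec in inventory_cache(cache_dir)}
    return [rec for rec in before if rec["sha256"] in current]


if __name__ == "__main__":
    # Run once before clicking Clear and keep the output for comparison.
    for rec in inventory_cache(DEFAULT_CACHE):
        print(rec["sha256"], rec["path"].name, rec["classes"])
```

Run the inventory before clearing, clear the cache from the control panel, then call `still_present` with the saved records; an empty list means the cached copies are gone and any repeat detection is coming from somewhere else.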
 
Thanks Razor, I cleared the temp files in my Java Console, is that simply all I need to worry about?
 
If you're running XP you have to disable System Restore and then run your anti-virus scan manually.

This is a pretty old virus, so depending on what anti-virus software you're running it should be removing it. If not, try Trend Micro's free scan.
 
Thanks George, that did the trick. May have to purchase. Took forever though. I hate hackers!
 
Go get Spy Sweeper with anti-virus. Works great, it's like $30.00 a year. You can download it straight from their web site at www.webroot.com.
+1, I use Spy Sweeper each week, but use Norton Antivirus Corporate...XP Pro (vista sucks), IE7 (config correctly), soft security and hardline firewalls, haven't had a bug in over 5 years...

Learn how to protect yourself on the net, everything is going that direction eventually, otherwise get used to
banghead.gif
 
Booting in "Safe Mode" is usually a good idea for a full AV scan when you know you have an issue.



Next time use protection....
 
Also, if you are using XP, go to RUN in your start menu and manually dump your temp files: type %temp% and trash everything there. Also, get rid of all your Prefetch files periodically.

Another way: make sure you can see all your files. Open Windows Explorer, Tools, Folder Options, View, and click on "Show hidden files and folders". Then go to the C drive, Documents & Settings, (user name), Local Settings, Temp. Viruses usually unload here because moving to other places. G'luck!
 