4/11: Nevar.B Exploit Targets Microsoft GDI Flaw
Expl_Nevar.B is an exploit that may be dropped by other malware. It may arrive bundled with malware packages as a malware component.
It takes advantage of the Microsoft GDI vulnerability. More information on this vulnerability is available in Microsoft Security Bulletin MS08-021.
Once exploited, the vulnerability allows a remote user or a malware program to download files onto the affected machine. As a result, the affected system becomes compromised.
It also attempts to connect to a certain URL to download a file detected by Trend Micro as BKDR_POISONIV.QI. As a result, the malicious routines of the downloaded file may be exhibited on the affected system.
Technical details can be found at this Trend Micro page.