Be on the lookout for trojan called Heap (ROP). Noticed a couple websites that are infected with this or they are infecting their visitors. Will update with further information, names and ips. If you encounter this malware, report .. links provided at end of this post.Attack: Browser Heap (ROP)
Severity: High - This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description - This signature detects an attempt to exploit the browser using a exploitation technique known as Return Oriented Programming.
Additional Information
This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.
Affected Windows
Response - No further action is required but you may wish to perform some of the following actions as a precautionary measure.• Run the Norton Power Eraser. (home users)• Run the Symantec Power Eraser. (business users)• Update your product definitions and perform a full system scan.• Identify suspicious files.• Submit suspicious files to Symantec for analysis.If you believe that the signature is reported erroneously, please read the following:• Change the behavior of Symantec IPS signatures.• Report a potential false positive to Symantec.
