Threat Explorer

The Threat Explorer is a comprehensive resource consumers can turn to for daily, accurate, up-to-date information on the latest threats, risks and vulnerabilities.

Download.Tagdoor

Download.Tagdoor

Discovered:
03 April 2004
Updated:
06 April 2004
Systems Affected:
Windows
Download.Tagdoor is a trojan downloader that exploits the Microsoft Internet Explorer Object Type Validation Vulnerability (BID 8456).
Download.Tagdoor exploits the Microsoft Internet Explorer Object Type Validation Vulnerability (BID 8456) to execute a file on a vulnerable system. When this file is executed, it creates the following file:
C:\Documents and Settings\Administrator\Application Data\Micorsoft\HTML Help\hh.dat

It then deletes the following registry key:
HKEY_LOCAL_MACHINE\Software\Classes\.htm\OpenWithList\Notepad