Not what you are looking for? Ask the experts!
Exploit Attack 61005 Memory Heap Spray - how did it get on my machine?
Last night when I booted my Win10 Pro laptop as it was loading the desktop i got the splash screen for Microsoft word 2010 (which I have installed and fully patched) but I do NOT have it set to run at start-up. As I'm puzzling why this splash screen has popped up... Norton comes up with:
"Norton has blocked an exploit attack - Signature ID 61005 - WinWord.Exe"
I asked for details and it said: memory heap spray attack was blocked no further action required.
I guess I'm not quite satisfied - apparently somehow code was injected into my machine to cause WinWord to launch on boot, and Norton stopped the execution, but how did the malicious code get there to begin with, and how can I help make sure it does not happen again?
I have run a full scan of the hard drive with Norton, as well as current versions of SAS, and MAB all three come back clean.