The August version of KaiXin was supporting:
- CVE-2011-3544 : An Oracle Java vulnerability fixed during October 2011 CPU.
- CVE-2012-0507 : An Oracle Java vulnerability fixed during February 2012 CPU.
- CVE-2012-1723 : An Oracle Java vulnerability fixed during June 2012 CPU.
- CVE-2012-0754 : An Adobe Reader vulnerability fixed in APSB12-03.
- CVE-2012-1889 : An Microsoft XML Core Service vulnerability fixed in MS12-043.
November version of KaiXin has involve by removing support of Oracle Java CVE-2012-0507 and CVE-2012-0754 vulnerabilities, and adding support of Oracle Java CVE-2012-1723 (fixed in Jun 2012 CPU), of Oracle Java CVE-2012-4681 (fixed in End August Oracle Security Alert) and of Oracle Java CVE-2012-5076 (fixed in October 2012 CPU).
Here under a VirusTotal analysis of all involved files:
- gS19tbEF.jpg (eef74c38121c225ab4d7f1d2bbb0369a) – 9/46 : CVE-2011-3544
- lXjOhqg.jpg (16e2c0a9f6636f9698e4dbe2f56551a9) – 22/46 : CVE-2012-1723
- obDb9.jpg (ac8085d9ec48770511c82065d6947eb7) – 27/41 : CVE-2012-4681
- MMWYD.jpg (684acb532179d99733273b79c4382b39) – 5/46 : CVE-2012-5076
- WysBRr.html (f018e5adf65c0841e58ba9c69703e6d4) – 6/45 : CVE-2012-1889
- JSZlR.html (7282d761c60541ad3edf7e480807bcb6) – 3/46 : CVE-2012-1889
- rar.css (c11b39439a1eda6923feefcad3993d22) – 18/43 : HEUR:Trojan.Win32.Generic
- top.html (13a5c097c74012a6f16fe9a866bee74e) – 2/46 : KaiXin.A
The following diagram describe you the way November version of KaiXin EK is working.