New MyDoom Worms Exploit Unpatched IE Bug
Source: securitypipeline.com - Posted by Vincenzo Ciaglia   
Hacks/Cracks New versions of the MyDoom worm that began spreading late Monday afternoon are among the fastest-ever exploits of an unpatched Microsoft vulnerability, security experts said Tuesday. . . . New versions of the MyDoom worm that began spreading late Monday afternoon are among the fastest-ever exploits of an unpatched Microsoft vulnerability, security experts said Tuesday.

MyDoom.ag and MyDoom.ah, as McAfee dubs the worms, appeared just five days after a bug in Microsoft's Internet Explorer was disclosed by security firms, including Denmark's Secunia. The IE vulnerability, named IFRAME after the HTML tag that can cause a buffer overflow, is being used by the new MyDooms to infect machines. There is no patch available for the flaw in IE.

"We're not surprised to see [the new MyDooms,]," said Alfred Huger, the senior director of engineering for Symantec's security response team, "since it's really simple to exploit this vulnerability.

"It's not quite a zero-day exploit, but it's close," he added.

As of mid-morning Tuesday, the new MyDooms had infected only a modest number of machines, said security analysts, and for now, the worst may be already over. "It's probably not going to be much bigger than it is right now," said Craig Schmugar, the virus research manager at McAfee.

Read this full article at securitypipeline.com

Only registered users can write comments.
Please login or register.

Powered by AkoComment!