New MyDoom Worms Exploit Unpatched IE Bug
1 - 2 min read
Nov 10, 2004
New versions of the MyDoom worm that began spreading late Monday afternoon are among the fastest-ever exploits of an unpatched Microsoft vulnerability, security experts said Tuesday.
MyDoom.ag and MyDoom.ah, as McAfee dubs the worms, appeared just five days after a bug in Microsoft's Internet Explorer was disclosed by security firms, including Denmark's Secunia. The IE vulnerability, named IFRAME after the HTML tag that can cause a buffer overflow, is being used by the new MyDooms to infect machines. There is no patch available for the flaw in IE.
MyDoom.ag and MyDoom.ah, as McAfee dubs the worms, appeared just five days after a bug in Microsoft's Internet Explorer was disclosed by security firms, including Denmark's Secunia. The IE vulnerability, named IFRAME after the HTML tag that can cause a buffer overflow, is being used by the new MyDooms to infect machines. There is no patch available for the flaw in IE.
"We're not surprised to see [the new MyDooms,]," said Alfred Huger, the senior director of engineering for Symantec's security response team, "since it's really simple to exploit this vulnerability.
"It's not quite a zero-day exploit, but it's close," he added.
As of mid-morning Tuesday, the new MyDooms had infected only a modest number of machines, said security analysts, and for now, the worst may be already over. "It's probably not going to be much bigger than it is right now," said Craig Schmugar, the virus research manager at McAfee.
The link for this article located at securitypipeline.com is no longer available.
Related Articles
1 - 0 min read
8220 Hacker Group Targets Cloud Systems To Mine Crypto
1 - 0 min read
Kubernetes Security Best Practices for 2024
1 - 0 min read
Millions Of GitHub Repositories Infected With Malicious Code
1 - 0 min read
New GhostRace Attack Impacts Major CPU, Software Vendors
