News

Another IE flaw, another MyDoom

A new variant of the MyDoom worm that exploits an unpatched flaw in Microsoft’s Internet Explorer browser has emerged to threaten small business and home users in particular, security experts warned this week.

                                                                                                              

The worm, which security firms have labelled MyDoom.AF, MyDoom.AH and MyDoom.AG, spreads by e-mail and exploits a recently discovered buffer overflow vulnerability in IE.

 

Security firm iDefense warns users to avoid opening e-mail with the subject headers "funny photos :)", "hello", "hey!" or blank headers. Opening the infected e-mail and clicking on links in the message body will direct users to destinations from which an attack may be launched.

 

Microsoft issued a statement saying it was aware of the new variant and an investigation was under way. According to reports, the vulnerability does not exist on Windows XP Service Pack 2, so customers running the security update have more protection from the threat. Microsoft and security experts advised users who had not yet installed SP2 to do so.

 

The MyDoom variant exploits a flaw in the way IE handles HTML's iframe and frame tags. Code that takes advantage of the flaw began circulating last week and researchers warned that several new codes exploiting the vulnerability may appear in the next few weeks since it is still unpatched.

 

But Microsoft said that the current threat was low and that it was not aware of any significant customer impact. The company added that it would decide what further action to take when its investigation was complete, and could issue a patch ahead of its regular monthly security update.

 

Scarlet Pruitt writes for IDG News Service


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy