New MyDoom variants exploiting unpatched IFRAME exploit

From: Jeffrey Thomas (jthomas_at_ETAXFN.COM)
Date: 11/09/04

  • Next message: Russ Cooper: "MajorRev: v2.0 Microsoft Security Bulletin MS04-039 - Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (888258)"
    Date:         Tue, 9 Nov 2004 10:28:34 -0500
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Symantec writeup's here:

    http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.ai@mm.html

    http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.ah@mm.html

    Maybe a patch today from Redmond? This could become a mess fast. Many of the AV folks are playing catchup on signature updates to detect these.

    JT

    --
    Editor's Note: The 43rd Most Powerful Person in Networking says...
    Register today to take the TruSecure ICSA exam by 12/31/04  at
    <http://www.2test.com> ,  use promo code "CT1204" and you will pay just
    $221.25 US Dollars for domestic exam delivery and  $296.25 US Dollars
    for international delivery.
    Visit <https://ticsa.trusecure.com>  for complete details regarding the
    TICSA credential and to take the free sample exam.
    --
    

  • Next message: Russ Cooper: "MajorRev: v2.0 Microsoft Security Bulletin MS04-039 - Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (888258)"

    Relevant Pages