Another new MyDoom variant is making the rounds.

Looks like there’s a new version of the MyDoom virus circulating on the Net taking advantage of another unpatched hole in Internet Explorer.

The worm, which security firms dubbed MyDoom.AF, MyDoom.AH and MyDoom.AG, spreads by e-mail and exploits a recently discovered buffer overflow vulnerability in IE.

Internet users should avoid opening suspicious e-mail with the subject headers “funny photos smile,” “hello,” “hey!” and blank headers, according to security firm iDefense Inc. Users who open the infected e-mail and click on links in the message body will be directed to destinations from which an attack may be launched.

Microsoft issued a statement saying that it was aware of the new variant and an investigation is underway. According to early reports the vulnerability does not exist on Windows XP (Overview, Articles, Company) Service Pack 2 (SP2) so customers running the security update are at a reduced risk of the threat, Microsoft said. The software maker and security experts advised users to install SP2 if they have not already.

For those of you who still aren’t running Windows XP your best option is to make the switch away from IE. Hell, it’s probably your best bet even if you are running XP.

9 thoughts on “Another new MyDoom variant is making the rounds.

  1. Great, M$, tell everyone to install SP2.  I have heard more problems about THAT than I care to think about.  Solve one problem and start another…

  2. Yesterday I was hit for the first time ever with a virus… a trojan horse thingy that loaded a shitload of spyware on my computer. Every waking moment since than has been spent trying to clean everything up…
    Anyway, convinced me to download Firefox and never use Explorer AGAIN… I contracted the thing just from visiting a web site (yeah, a porn site – but she was HOT!!!)

    And, yeah, everyone I know had problems installing SP2, so I’ll avoid for some time.

  3. Get Firefox. Version 1.0 finally released on 11/9. I’m sticking with one of the pre-release versions until my favorite plugins get updated.

    1) It’s a better browser and renders (X)HTML more correctly.

    2) It’s smaller and lighter.

    3) The community support generates numerous plugins that make browsing easier and drive power users to a state of ecstasy.

    4) It doesn’t crash as often as IE.

    5) Built in features are intelligent and useful. For example, right clicking on a link brings up a context menu that includes the option of copying the link target to the clipboard—blogging without this would drive me nuts!

    6) It’s free.

    Available at http://www.mozilla.org/

  4. I had so many problems when I did the SP2. Nothing would work properly and so many things kept crashing. I finally took IE off my system entirely.

  5. I hadn’t used Firefox until this morning and I have to say, I’m pleasantly suprised. Its much more secure than IE. I was having a problem getting rid of some particularly troublesome spyware known as super-spider (maybe you’ve heard of it) but this solved it. I tried everything to, I manually reset all the registry values for IE, deleted all the active-x controls and it STILL got on my damn computer, but firefox is apparently “immune” to it.

  6. I’m actually surprised so many folks are having trouble with Service Pack 2. I’ve installed it dozens of times on various machines and never had any issues with it. I do recommend the upgrade.

    I can only assume that folks that are having trouble with it might have PCs that are due for a restage anyway. If it’s been two or more years since you last backed up your data, wiped the hard drive, and reinstalled from scratch then you may want to consider it. Over that much time you’ve probably accumulated all sorts of crap in your system you’re not aware of and installing SP2 on a freshly staged system is child’s play. You’ll probably find your system runs faster as well.

  7. You’re right, Les. I have been procrastinating on the ‘Ol HD clean-up. Gotta break down and do -t… maybe this weekend…  hmmm

  8. As fair warning, SP2 unless it is streamlined into the install will break the OS of anyone using a “pirated” copy of WinXP. If your serial number is not original (or uniquely given to you by an M$ operator and this sometimes even fails as mentioned below), be prepared for the good ole’ BSOD on reboot during installation of SP2. Don’t ask me how M$ knows which are pirated or not, but alot of people have had problems with that. Even people having to have their OS “phone-in” activated (As you might call the nifty phone number to have an M$ flunky verify your copy of WinXP and give you a cd key.) by M$ themselves seem to have problems with SP2 thinking it is a pirated copy and breaking it.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.