The November edition of Microsoft’s monthly security patch day yielded only a single, non-critical patch for a security issue last week (see related story below). Don’t let your guard down, however. There are at least three other, far more dangerous security exploits that are currently making the rounds on the Internet and demanding your attention.
New MyDoom worms burrow into IE 6
The first is a new version of the so-called MyDoom worm that takes advantage of a security flaw in Internet Explorer (IE) to spread. Like previous versions of MyDoom, the new versions, dubbed MyDoom.AG (and MyDoom.AH, MyDoom.AI, and Bofra.C), spread via e-mail. But instead of using an attachment-based attack, where the worm is delivered with the email, the new version is triggered when you click a hyperlink in the e-mail message.
In other words, the code executes in your system via IE, not your e-mail application. Because antivirus applications are typically configured to look for this worm in e-mail attachments, MyDoom.AG can sometimes slip past AV defenses.
The new worm affects all modern Windows versions, including Windows 95, 98, Me, XP, NT, 2000, and Server 2003.
In an overview of the attack, News.com notes that this isn’t the first time malicious software has used an unpatched flaw in a Microsoft product to launch an electronic attack. Earlier this year, a malicious adware writer exploited two known but unpatched flaws in IE to distribute a toolbar that launched pop-up advertisements.