November 11, 2004
SUNNYVALE, Calif. -- Fortinet - the confirmed market leader in Unified Threat Management and only provider of ASIC-accelerated, network-based antivirus firewall systems for real-time network protection - today announced that its FortiGateT systems protect against the latest MyDoom worm variant, W32/Mydoom.AH-mm, also known as Bofra B. The latest MyDoom variant, which is similar to the previous MyDoom worm named W32/Mydoom.AG-mm and also known as W32/Bofra.C, uses the same infection vector targeting pre-Windows XP Service Pack 2 machines, including machines running general Microsoft Windows and systems offering TCP services.
W32/Mydoom.AH-mm is a mass-mailing worm that implements a Microsoft Internet Explorer IFRAME buffer overflow vulnerability. The worm sends an email to targets, including a hyperlink to the infected system. If recipients of the message follow the hyperlink, the infected system then delivers exploited HTML content, downloads a copy of the virus to the target's machine and runs the virus. Fortinet currently rates the latest MyDoom variant a Level One worm, but notes it has the potential to be a higher threat in the future.
Fortinet issued the following new signatures to help block the buffer overflow by the latest MyDoom variant:
You May Also Like
5G Transport & Networking Strategies Digital Symposium.Oct 26, 2023
Improve Service Efficiency in the Call Center and Field with Slack AutomationOct 13, 2023
Open RAN Evolution Digital Symposium Day 1Jul 26, 2023