W32.MyDoom Viruses

November 9, 2004

There are 2 new variants of the MyDoom family of viruses that have been found at Virginia Tech. Both variants are mass-mailing worms which exploit the Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability. The worm also spreads by sending a mass-mailing to the email addresses that it finds on the infected computer.

WARNING: Do not click on the links in these messages.

Removal

Symantec has released removal instructions for these viruses:
http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.ai@mm.html.

http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.ah@mm.html.