Latest Version of MyDoom Exploits New IE Flaw
techentin writes "CNN Money is reporting a new and improved MyDoom variant which is spread by a hyperlink in email. Clicking the link connects the user to an infected machine, which exploits a recently discovered buffer overflow in Internet Explorer. McAfee has a more detailed description. Is this yet another good reason for running Firefox?" CNET also has a story.
After seeing this posted I checked my pattern files on the mail server.
Happy to see that ClamAV had the pattern files through a cron job 5+ hours ago.
This isn't about this particular worm, but this recently made it through my spam filters and IDS:
----
Re: my bill
From: [from address, probably spoofed]
To: [My address]
Requested file.
+++ Attachment: No Virus found
+++ [Name of antivirus software] - [website of antivirus software]
bill.zip
-----
The zip contained a pif file with a .rtf ending.
Particularly scary social engineering, since it claims to be from an anti-virus company that I'm actually familiar with.
Irene KHAAAAAAN!
"Whassat Boss? *Minimizes browser to tray* Nah, just working on the company project. Not browsing Slashdot. Waste company time? Perish the thought."
I believe I put it as, "lack of security issues like the one pointed out by CNN" as well as "It helps protect against Spyware". It's true that Firefox is not invulnerable (e.g. the download bug), but it's nearly there for most users.
:-)
Remember how Firefox handled the download bug? Old copies of the browser would actually be redirected to an auto-update site. Click a button, wait for a few kb download, and voilà! A secure browser.
Javascript + Nintendo DSi = DSiCade
How can McAfee have a simple checkbox that turns on buffer overflow protection:
http://vil.nai.com/vil/images/vse80i-bo-config.gif
I mean if my program has a buffer and I want to overflow it, how can they stop it? The screenshot mentions APIs so maybe it just knows about the Win32 APIs.
The *real* ironic twist to the story is that newer versions of McAfee VirusScan that Dell has been shipping require Internet Explorer to be installed... and use it to run the control center windows.
Now how's that for secure?
I may never, ever figure out the mentality of that decision.
Also, it uses an awful lot of 'real estate' that could be used for web pages. 1/3 of the screen is way too much just for tabs. Eventually I fear that the browser buttons and other "features" will take up the entire window, leaving a pixel-high line for the page itself.
I know there's probably a way to reduce the size, but why bother when Firefox is right there with very little wasted space starting with install?
SP2 is not vulnerable, you're correct. But it's not because of the firewall. This problem just doesn't exist in SP2.
It's true that any piece of software can have security issues, but IE will ALWAYS be the most dangerous browser you can run for one simple reason:
It is also your file system browser.
Integrating a web browser (i.e. the program that messes around with places of questionable authenticity) with your file system browser (the program that connects with your most sensitive files) is just insane from a security point of view.
Life is short: void the warranty.