-=PCTechTalk=- What You Should Know About the Mydoom Worm
- From: "Lionel." <percy10@xxxxxxxxxxxxxxx>
- To: <pctechtalk@xxxxxxxxxxxxx>
- Date: Wed, 28 Jan 2004 16:55:00 +1100
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
What You Should Know About the Mydoom Worm
=20
Microsoft.com Home | Site Map=20
=20
=20
Search Microsoft.com for:
=20
=20
=20
Security & Privacy Home =20
Trustworthy Computing =20
Home Users =20
IT Professionals (TechNet) =20
Developers (MSDN) =20
Businesses =20
Partners =20
Microsoft Privacy Policies =20
Worldwide Security Sites =20
=20
=20
=20
=20
=20
=20
=20
=20
=20
=20
Security & Privacy Home > Antivirus Information=20
=20
What You Should Know About the Mydoom Worm
Published: January 27, 2004
=20
Why We Are Issuing This Alert
W32/Mydoom@MM spreads through e-mail. This worm can disguise =
the sender's address, a tactic known as spoofing, and may generate =
e-mail messages that appear to have been sent by Microsoft. Many of the =
addresses Mydoom uses are valid addresses that are being spoofed for =
malicious purposes.
Technical information about the virus is available from =
antivirus vendors participating in the Microsoft Virus Information =
Alliance (VIA). The Mydoom worm is also known by the names Novarg, =
Shimg, and Mimail.R.
If you ever receive a questionable e-mail message that =
contains an attachment, do not open the attachment. If you cannot =
confirm with the sender that the message is valid and that the =
attachment is safe, delete the message immediately. If you receive a =
questionable message that purports to be from Microsoft, you should be =
aware that Microsoft never distributes software through e-mail.
Affected Products=20
a.. Microsoft=AE Outlook=AE=20
b.. Microsoft Outlook Express=20
c.. Web-based e-mail programs=20
=20
How to Help Protect Against This Worm
To avoid infection, you should block harmful attachments at =
your Internet mail gateways. For this worm, block all attachments with =
the .zip extension. Additionally, you should use the features in the =
latest versions of Outlook and Outlook Express to block harmful =
attachments.
For Outlook 2000 and Outlook XP
Outlook 2000 Service Pack 3 (SP3) and later and Outlook XP =
SP1 include the most recent updates to improve the security in Outlook =
and other Microsoft Office programs. This includes a feature that blocks =
potentially harmful attachment types. This feature can be configured to =
block zip file attachments but does not do so by default.
a.. Get the latest Office product updates=20
By default, Outlook 2000 prior to Service Release 1 (SR1) =
and Outlook 98 did not include this feature, but it can be obtained by =
installing the Outlook E-Mail Security Update.
a.. Get the Outlook E-Mail Security Update=20
For Outlook 2002
a.. Learn which attachment types are blocked in Outlook =
2002=20
For Outlook Express 6
Outlook Express 6 can be configured to block potentially =
damaging attachments.
a.. Learn about virus protection features in Outlook =
Express 6=20
For Earlier Versions of Outlook Express
Earlier versions of Outlook Express contain no =
attachment-blocking features. Users of these products are strongly =
encouraged to upgrade to the latest version and to use extreme caution =
when opening unsolicited e-mail messages with attachments.
For Web-Based E-Mail
If you use Web-based e-mail, you should install a =
third-party firewall to help protect your computer from this worm.
What to Do If You Think Your Computer Is Infected
1.. If you think your computer is infected, first try =
going to your antivirus software vendor's website to get the latest =
updates. You might be able to update your virus definitions to detect =
and remove the virus. Going forward, be sure to keep your virus =
definitions current to avoid infection.=20
2.. If your computer has been infected and you need =
technical assistance, contact your antivirus vendor or Microsoft Product =
Support Services for help removing the worm.=20
a.. For Microsoft Product Support Services within the =
United States and Canada, call toll-free (866) PCSAFETY (727-2338).=20
b.. For Microsoft Product Support Services outside the =
United States and Canada, visit the Product Support Services Web page.=20
Get More Technical Details
Get additional details on this worm from antivirus software =
vendors participating in the Microsoft VIA:
a.. McAfee=20
b.. Trend Micro=20
c.. Symantec=20
d.. Computer Associates=20
What the Severity Ratings Mean
Critical. A vulnerability related to a Microsoft product has =
been found, or an update is unavailable; two or more vectors of =
infection are known; a new vector of infection is possible; the =
distribution potential is high; unique data destruction can occur; and a =
significant disruption of service has occurred.
Moderate. A potential vulnerability related to a Microsoft =
product has been found; two or fewer vectors of infection are known; a =
new vector of infection is possible; the distribution potential is =
medium to high; unique data destruction has not occurred; and =
significant disruption of service has not occurred.
Low. Vulnerabilities related to Microsoft product have not =
been found; only one vector of infection is known; new vectors of =
infection have not been found; the distribution potential is low; unique =
data destruction has not occurred; and significant disruption of service =
has not occurred.
=20
Severity
=20
=20
--------------------------------------------------------
=20
Impact of Attack
a.. Mass mailing=20
=20
=20
=20
Related Links
a.. Technical Virus Alerts=20
=20
=20
=20
Glossary Terms
Click the term to get the definition from our =
Security and Privacy Glossary.
a.. spoof=20
b.. Trojan horse=20
c.. virus=20
d.. worm=20
=20
=20
=20
=20
=20
=20
Manage Your Profile |Contact Us |E-Mail This Page
=A92004 Microsoft Corporation. All rights reserved. Terms of Use =
|Privacy Statement=20
=20
To unsub or change your email settings:
//www.freelists.org/webpage/pctechtalk
To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
//www.freelists.org/archives/pctechtalk/
For more info:
//www.freelists.org/cgi-bin/list?list_id=pctechtalk
Other related posts:
- » -=PCTechTalk=- What You Should Know About the Mydoom Worm
