Doherty
Sent: Tuesday, November 09, 2004 9:36 PM
To: Undisclosed-Recipient:;
Subject: [Declude.JunkMail] New virus with unusual deployment
Hi, all -
Heads up!
There is a new variant of the MyDoom virus that does not work in the usual
way.
Previous MyDoom virii have attached the virus
: RE: [Declude.JunkMail] New virus with unusual deployment
Doesn't the newer versions of Declude Virus catch the IFRAME vulnerability?
Isn't this a post for the virus list?
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
-Original Message-
From: [EMAIL PROTECTED
, Andrew [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, November 10, 2004 10:44 AM
Subject: RE: [Declude.JunkMail] New virus with unusual deployment
For what it's worth, I don't have the Declude Virus product. The Declude
Virus product may catch the IFRAME technique in HTML, but you won't
: [Declude.JunkMail] New virus with unusual deployment
Thanks, Andrew-
That is exactly why I gave this wider dissemination than I normally would
do. The email is completely innocuous, nothing to detect, except for the
link, which I believe will change as to IP address and port
Hi, all -
Heads up!
There is a new variant of the MyDoom virus that does not work in the usual
way.
Previous MyDoom virii have attached the virus payload to an email message.
The new variants (AH and AI, so far) simply include links to infected
machines. The links exploit the Internet Explorer