FortiGate Secures Systems From MyDoom

by CXOtoday Staff    Nov 19, 2004

Fortinet, announced today that its FortiGate systems can provide protection against the latest MyDoom worm variant, W32/Mydoom.AH-mm, also known as Bofra B.

The latest MyDoom variant is similar to the previous MyDoom worm named W32/Mydoom.AG-mm also known as W32/Bofra.C.

It uses the same infection vector targeting pre-Windows XP Service Pack 2 machines, including machines running general Microsoft Windows and systems offering TCP services.

W32/Mydoom.AH-mm is a mass mailing worm that implements a Microsoft Internet Explorer IFRAME buffer overflow vulnerability. The worm sends an email to targets, including a hyperlink to the infected system.

If recipients of the message follow the hyperlink, the infected system then delivers exploited HTML content, downloads a copy of the virus to the target’s machine and runs the virus.

Fortinet currently rates the latest MyDoom variant a Level One worm, but notes it has the potential to be a higher threat in the future.

Tags: Fortinet