W32.Mydoom.AX@mm (also known as: W32/Mydoom.bb@MM [McAfee], WORM_MYDOOM.BB
[Trend Micro]) is a mass-mailing worm that uses it own SMTP engine to send
email to addresses that it retrieves from the Windows Address Book on the
infected computer. It also attempts to spread through file sharing
Symantec discovered this worm late this afternoon, and has graciously
waited until 11pm Eastern to upgrade this worm to a level 3/medium threat
due to prevalence.
Our central antivirus servers have been updated with virus definitions to
detect this worm, and are pushing out the virus definitions to computers
with Symantec Antivirus managed/on-campus version. Currently there is no
stand-alone tool from Symantec or an updated Stinger tool which will clean
the worm, so be sure your virus definitions are at least 2/16/2005 rev 35
or higher to protect against this worm. When one becomes available it
will be posted to the www.uvm.edu/antivirus/faqs site.
More information about this worm is available at:
[log in to unmask]" target="_blank">http:[log in to unmask]
We block all file types mentioned from being delivered to @uvm.edu
addresses except .zip files so please be careful with .zip files (always a
good idea) and with attachments received to your email addresses other
than the one ending in @uvm.edu.
Questions or problems regarding W32.Mydoom.AX@mm should be directed to CIT
Helpline at [log in to unmask] or 656-2604, or to your department's IT staff