The variant, dubbed MyDoom.b, is being circulated by computers infected with the original MyDoom, according to Kaspersky. The new version is identical to MyDoom, but includes www.microsoft.com in the targets of its DDoS component, along with www.sco.com. Both attacks are programmed to begin Feb. 1 and continue through Feb. 12.
MyDoom.b also has been modified to make it more difficult for users to remove the malware. "The worm modifies the operating system to prevent users from reaching many anti-virus vendors' sites, security-related news sites and various sections of the Microsoft site, as well as downloading data from banner networks," Kaspersky said in its analysis.
We have made performance monitoring for www.microsoft.com available, and should any outages occur, notifications will be sent to the same list as for the SCO site.