>Question for Scott:
>Does the new mime exploit processing work like banned extensions? Does the
>message have a chance to be scanned and assigned a "real" virus name
>before the "Outlook 'MIME Header' Vulnerability" name is assigned?
Yes, the virus detection will still take precedence. For example, if you
are catching the Klez virus now and using LOGLEVEL MID, you'll see an
"Outlook MIME exploit" message in the logs, that shows the MIME type that
is being used and the name of the file (and extension). For example:
Outlook MIME exploit: type=audio/x-wav, name=openme.pif
but, in the virus notification, you'll see the virus as "Klez".
-Scott
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus". You can E-mail
[EMAIL PROTECTED] for assistance. You can visit our web
site at http://www.declude.com .
