Re: [Declude.Virus] Question concerning SKIPEXT and GDI+ Vulnerability detection

[Matt]

Thank you! Matt Panda Consulting S.A. Luis Alberto Arango wrote: Short answer: MSFT GDIPlus.DLL Vulnerability detection will run with our without SKIPEXT. Long Answer: The GDI vulnerability was added to Declude in version 1.8 -September 2004- and some corrections were added in version 1.81. http://www.declude.com/Articles.asp?ID=122 This statement from Scott -Declude Former owner- will answer your question. The Microsoft GDIPlus.DLL JPEG Vulnerability detection will occur whether or not SKIPEXT is enabled. So no config file changes would be necessary after upgrading the Declude.exe file, once it is ready. -Scott I hope this answers your question, bye Luis Arango -----Original Message----- From: [EMAIL PROTECTED] [mailto:Declude.Virus- [EMAIL PROTECTED]] On Behalf Of Matt Sent: Viernes, 06 de Mayo de 2005 11:57 a.m. To: Declude.Virus@declude.com Subject: [Declude.Virus] Question concerning SKIPEXT and GDI+ Vulnerability detection To my good buddies at Declude :) (ok, you made me very happy twice yesterday) I understand that SKIPEXT JPG would cause files with JPG extensions to not be scanned with the virus scanners, but would that also disable the JPG/GDI+ Vulnerability detection? Many of us stopped skipping JPG's and other associated files when the GDI+ exploits were first discovered, but they seem to have become duds as far as actively spreading viruses (though I have seen them on sites linked to in spam as a way to install spyware). JPG's however are fairly common in E-mail and it would be a big improvement to be able to skip scanning them, and if we were protected with the vulnerability detection, I would feel comfortable turning off virus scanning of JPG's until a mass-mailing virus is seen. I wouldn't want to leave myself completely unprotected however. Thanks, Matt -- ===================================================== MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ ===================================================== --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com. ______ [Email scanned for viruses by Panda Consulting -www.pandacons.com-] [Email escaneado contra virus por Panda Consulting -www.pandacons.com-] ______ [Email scanned for viruses by Panda Consulting -www.pandacons.com-] [Email escaneado contra virus por Panda Consulting -www.pandacons.com-] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com. -- ===================================================== MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ =====================================================