This one is apparently bad. Code is in the wild and they expect for
some to start exploiting it. All versions of IE are affected except for
the IE 7 beta 2 that was released 4 days ago. There are no patches out
yet for the other versions of the browser. You cannot be infected
through Outloo
Hi;
We are having a
major problem. A large number of emails are getting caught with the
following message:
Containing: Possibly a new variant of JS/
virus
In: [HTML segment] attachment
I have
added:
ALLOWVULNERABILITY JS
but it is not
working. Almost every HTML email and newsletter
Kami,
You might want to post your full Declude Virus log snippet for one such
message and identify both your Declude version and your virus scanners.
Matt
Kami Razvan wrote:
Hi;
We
are having a major problem. A large number of emails are getting
caught with the following me
Hi Matt..
thanks for your quick reply. Here is the virus log
entries:
03/24/2006 14:34:08.042 q49aa01741b4f.smd Vulnerability flags =
003/24/2006 14:34:10.777 q49aa01741b4f.smd Virus scanner 1 reports exit
code of 003/24/2006 14:34:11.871 q49aa01741b4f.smd Virus scanner 2
re
Kami,
This is F-Prot that is detecting this and not Declude. I believe that
the reason is the "/PARANOID" switch that you are using. This is not a
commonly used switch and it's not documented in the executable's help.
Here's my config for F-Prot. I believe this should stop your issues if
y
Hi Kami,
I've in use F-Prot 3.16f (latest version) here and can't
find any appearance of "Possibly a new variant
of JS" in my logfiles.
Markus
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kami
RazvanSent: Saturday, March 25, 2006 12:32 AMTo:
Declude.
Hi Matt & Marcus..
Many thanks for your response.. I changed my config
file to see if that resolves the problem.
This problem comes and goes.. & a lot of web forms
appear to be having this issue.
I added Matt's config file to see if that
helps..
thanks
Kami
From: [EMAIL PROTECTED]