May ba a mutte point by the time you all get this.... but the analysis of the Bizex worm currently is that it infects via ICQ, however it takes advantage of browser vulnerabilities in IE.
the next obvious path is to send this link via email...currently appears down... Is there a list of known bad URLS or SPAM related URLS that could be accessed as part of the uri-body inspection? A central db of these bad URI/URLs could provide an extra step of value like DCC/Razor does.... Just a thought and added curiosity... CT
