[Mimedefang] Virus File getting through...
Kevin A. McGrail
kmcgrail at pccc.com
Fri Feb 29 09:59:17 EST 2008
I've seen a new attack vector where a PDF file (from outward appearances)
contains a trojan called downloader BUT the pdf is embedded in a Word
Document.
This vector bypasses McAfee and Symantec for the word document but seemingly
catches the PDF file directly.
I've placed this file on a website:
***WARNING: THIS IS A MALICIOUS FILE****
http://www.peregrinehw.com/html/downloads/junk/word_document_with_virus-trojan-downloader.doc
***WARNING: THIS IS A MALICIOUS FILE****
Anyone have any thoughts about how to block this? I think ClamAV catches it
and I'm testing that but I'm looking for something more elegant if this
explodes as a new delivery method.
Regards,
KAM
More information about the MIMEDefang
mailing list