F-Prot Response

[Jared]

This list moves so fast, that I'm not sure if someone already posted
this, but I just got a response from frisk/f-prot in regards to dealing
with password protected zip files.

Here it is:
----------------------------------
Hello and thank you for your mail.

Later today we will release a new version of all F-Prot Antivirus
products
for UNIX based platforms. These newest versions are our response to the
multiple outbreaks of recent days and provide improved scanning of
encrypted
executables and password protected ZIP archives. The improved scanning
technique provided in these versions allows F-Prot Antivirus to better
detect potentially damaging executables hidden in these archives and
flag
them as such.

In addition, scanning of all archives, whether password protected or
not, is
now a default setting in these versions. This setting can be changed by
users and network administrators. More information on modifying these
settings can be found in the F-Prot Antivirus for UNIX man pages
(f-prot.1
and f-protd).

These changes may result in a small number of false positives if
legitimate
executables of a certain length are sent within password protected ZIP
archives. However, we recommend that users of F-Prot Antivirus for
Linux,
BSD, Solaris SPARC, Solaris x86, AIX on IBM pSeries and Linux on IBM
zSeries
systems update their programs to these newest versions as soon as it is
released.

Best regards,
Kolbrun Valbergsdottir
F-Prot Antivirus Tech Support
----------------------------------