Latest Bagle varient spreads in password protected rar files
Chris Yuzik
chris at FRACTALWEB.COM
Mon Mar 15 06:09:06 GMT 2004
Hi everyone,
So now what do we do? Do we ask Julian to somehow work his magic again
and give us the option of disabling password protected RAR files? And if
so, while he's at it, do we get him to add in support for disallowing
password-protected ARJ, TAR, TGZ, Tar.bz2, bh (blackhole archives???
I've never even heard of these), and JAR? Perhaps that's precisely
what's needed. I'd be interested in other people's thoughts.
Cheers,
Chris
Kevin Spicer wrote:
>http://www.sophos.co.uk/virusinfo/analyses/w32baglen.html
>
>Guess it was only a matter of time. Although it isn't mentioned on the
>Sophos page its been reported on the clam list that the virus can
>present the password as an image. I'm blocking rars right now (don't
>think we really have many people using them anyway)
>
>
More information about the MailScanner
mailing list