Using Sybari? Check your Scanallattachments setting

By Roger on January 1, 2006 11:29 PM | | Comments (0) | TrackBacks (0)

Sybari (or is that Microsoft) sent out a security bulleting relating to WMF viruses. They are calling it WMF/Exploit.b, Alias: Exploit-WMF trojan, Exploit.Win32.IMG-WMF.a, Troj/DownLdr-QB

But most importantly, they warn:

****PLEASE NOTE****
For Windows platforms, users must set the "ScanAllAttachments" registry value to 1 for this filetype to be detected.

Domino Users:
For Domino, the following can be done:
1. Open the "notes.ini" file.
2. Add the ".JPG" and ".WMF" extension to the "AntigenAveExts" parameter.
3. Save the file.
4. Recycle services.

I always thought it a little sketchy that by default Sybari scans specific file types only. Hopefully Exchange performance wont grind to a halt when this change is made.

Categories

Antivirus

0 TrackBacks

Listed below are links to blogs that reference this entry: Using Sybari? Check your Scanallattachments setting.

TrackBack URL for this entry: http://www.infosecblog.org/mt-tb20071121.pl/45

Leave a comment

Powered by Ajax Comments

About this Entry

This page contains a single entry by Roger published on January 1, 2006 11:29 PM.

Ah Sweet Vindication was the previous entry in this blog.

Happy New Year is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Subscribe to feed Subscribe to this blog's feed
Add to Google
Please contact me by leaving a comment where appropriate. Otherwise, you can click here to reveal an email address for me.
Got Backups? Get Safe Online Remember Rick Rescorla Powered by Movable Type 4.23-en

Search