Antivirus scanning update for WMF



I hung on to the last batch of 20 wmf exploit samples I had been working with for the purpose of testing my clamantivirus install against them to see when “full detection” of all 20 had been acheived. Last night, with version 1227 of the daily.cvd database, they were still detecting 8 out of the 20. Now, the signatures seem to have improved as with version 1228 of daily.cvd clamav detects all 20 as Exploit.WMF.Gen-3 FOUND


This improves the chances that those using squid with clamav scanning for web browsing have a better chance against it. That’s good news.

The bad news is that there’s been an update to the metasploit module for this exploit since those were created. Unfortunately Clamantivirus is now 0 for 20 with files from the new module. The metasploit update was reported to breeze pass current IDS signatures. Not good.

Related Posts

Blog Traffic Exchange Related Posts
  • System patching 0-days and ancient-day vulnerabilities There's a good article at Michael Sutton's Blog which points out something that really makes sense and I think many people are aware of, but with all the buzz that a new previously undisclosed vulnerability has, we forget. The point is this, there are plenty of machines online vulnerable to......
  • Multiple Apple updates as Mac goes to version 10.4.8 Apple is fixing 15 security flaws with the 10.4.8 version upgrade of Mac OS X. (There is a second update as well.... Security Update 2006-006). In typical fashion there are a bundle of issues in these updates. Several address remotely exploitable vulnerabilities. According to Incidents.org 10.4.8 addresses the following.... -......
  • WMF Exploit -- it's worse... This is going to be a rough start to the new year for IT staff and computer users.... There's coverage at Incidents.org, the sunbeltblog and f-secure of the latest twist in what will likely be a BIG mess to clean up. It looks like there's a someone spamming emails to......
Blog Traffic Exchange Related Websites
  • Solidifying WP Security Designed with PHP, and powered by mySQL directories, WordPress is used by an amazing 8.5% of all websites. Web delivered spyware and web page hacking are becoming progressively more common. With such a lot of web content using WordPress as a CMS, any security weaknesses in the CMS structure or......
  • The Complete Yachtmaster: Sailing, Seamanship, and Navigation for the Modern Yacht Skipper by Tom Cunliffe This week I am posting the book review early as Friday is a holiday. Happy 4th of July all! Although this book was written primarily for the UK market, there is still plenty of great advice for boaters around the world and it can easily be adapted for owners in......
  • Why Choose The Best Web Browser For Online Security Web browser is the prime software to connect yourself to the world wide web. Now most of the companies are increasingly putting more and more services on their website and ask their customer to take active part online. Secured browser means keeping your computer free from the virus, spyware and......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site