funsec mailing list archives
RE: RE: funsec Office 2007 has 0 security issues
From: "David Harley" <david.a.harley () gmail com>
Date: Fri, 13 Apr 2007 17:00:04 +0100
Many are, (obviously) flagging Word 2007 docs as compressed files but treating them AV policy-wise as normal zips lacking flexibility in selective scanning of the files IN a compressed file. I'm curious if Trend Micro, Symantec, McAfee etc has addressed this yet.
The last time I had to look at this issue, some major vendors already had some capacity for selective scanning/blocking within .ZIPs etc. Not the product that was wished on me at the time, unfortunately. My only option was to block or not block them, irrespective of what they contained and whether they were encrypted. A combination of stone-age filtering, clueless service providers, and confused upper-echelon managers.
Blocking isn't an option for large enterprises that rely on Word and other Office docs for functionality.
Indeed. I'm getting a nasty case of deja vue here, not to mention a familiar buzzing in the bonnet. The real issue is that "normal" email isn't a safe/suitable medium for file transfer: but that war was lost years ago... -- David Harley BA CISSP AVIEN Guide to Malware: http://www.smallblue-greenworld.co.uk/pages/avienguide.html New botnet book: http://www.syngress.com/catalog/?pid=4270 Security Bibliography: http://www.smallblue-greenworld.co.uk/pages/bibliography.html Articles: http://watersidesyndication.com/inbusiness/; http://dharley.wordpress.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: RE: funsec Office 2007 has 0 security issues, (continued)
- RE: RE: funsec Office 2007 has 0 security issues Nick FitzGerald (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues David Harley (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues Larry Seltzer (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues David Harley (Apr 10)
- RE: RE: funsec Office 2007 has 0 security issues Nick FitzGerald (Apr 11)
- RE: RE: funsec Office 2007 has 0 security issues Larry Seltzer (Apr 12)
- RE: RE: funsec Office 2007 has 0 security issues Richard M. Smith (Apr 12)
- RE: RE: funsec Office 2007 has 0 security issues David Harley (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues Valdis . Kletnieks (Apr 13)
- RE: RE: funsec Office 2007 has 0 security issues David Harley (Apr 13)
- Message not available
- RE: RE: funsec Office 2007 has 0 security issues David Harley (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues der Mouse (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues Valdis . Kletnieks (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues der Mouse (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues Michal Zalewski (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues Ken Dyke (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues Brian Loe (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues Ken Dyke (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues Nick FitzGerald (Apr 13)
- Re: RE: funsec Office 2007 has 0 security issues Brian Loe (Apr 13)
- RE: RE: funsec Office 2007 has 0 security issues David Harley (Apr 14)