OK folks. I am killing this whole Melissa/Macro Virus thread unless someone has something really constructive to add (like a free antivirus). The thing has gotten enough play, everyone's mother has already heard of it, the AV vendors are working to add every possible mutation of the thing to their signature files, and the truth is that is does not represent a new vulnerability (except the fact that is exploits a trust relationship between the sender and receiver). I'll take this time to remind everyone that viruses as annoying and destructive as they can be are nothing more than the symptom of the of a vulnerability, not the vulnerability itself. AV vendors can't "fix" the problem anymore than vulnerability scanner vendors can fix vulnerabilities. They will always be behind the curve and playing catch up while releasing a never endless stream of updates to their signature files for a modest fee. They are trying to cure the symptoms, not the decease. If you really want this issue to be resolved you will start asking your vendors for reasonably secure solutions in the first place instead of depending on whole industries to alleviate the deficiencies of those products. -- Aleph One / aleph1at_private http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:41:18 PDT