Password-protected Zip files can now be scanned...
Published: 5 March 2004 10:00 GMT
Security firms have started updating their products with more sophisticated techniques aimed at getting inside the encrypted attachments in which the Bagle worm has spread.
Recent versions of the Bagle worm have bypassed corporate gateway security because they are distributed in password-protected Zip files, which are next to impossible for antivirus programs to scan. Emails infected with the Bagle worm, however, contain the password required for opening the Zip file.
On Wednesday, antivirus vendors BitDefender and Kaspersky Labs both launched updates enabling their software to open any encrypted attachments using the password contained in the email text. Once the file is decrypted, it is treated as an executable file and scanned normally.
Eugene Kaspersky, head of antivirus research at Kaspersky Labs, said: "This new technology protects users from a new generation of worms, specifically worms that hide in password-protected Zip files. Five worms using this technique appeared within only four days - a new trend has been set in the computer underground," he said.
Viorel Canja, head of BitDefender Labs, said in a statement: "We have developed an engine tasked with finding the Zip password in the email text. Most AV products could only offer protection after the archive is extracted; that could be a little too late for inexperienced users," he said.
Network Box, a security appliance vendor that licenses Kaspersky's antivirus software, has updated its gateway product to include complete protection against Bagle, which the company said is a first.
Simon Heron, director of Network Box, told ZDNet UK the product combines Kaspersky's software with Network Box's own technology to deal with the latest Bagle mutations at the network perimeter.
According to Heron, this does mean the gateway is fractionally slower. "The worst case scenario is we will take 50 milliseconds extra to parse an email that has a password-encrypted attachment. We don't think this is a problem," he said.
Munir Kotadia writes for ZDNet UK
Uh... I'm no legal expert, but doesn't cuurent int...
Anonymous
We have been using Panda Antivirus which has alrea...
Anonymous
They're not breaking the encryption, they're just ...
Anonymous
How can it be a problem to open a zip file when th...
Anonymous
Actually, it might be against the law, so any emai...
anonymous
The Software Localisation engineer must have attention to detail and the ability to create and adapt.The Localisation Engineer performs general ...
As a Linux administrator your duties will include but not be limited to: Set-up files storage with the proper permissions Provide security and ...
Identifies and prepares files for localisation. Manages files using version control systems. Generates word counts for files to be translated. ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Is Your Enterprise Architected for Tomorrow's Growth?
Improving IT service delivery through an integrated approach to software asset management...
TechRepublic Resource Guide: Software as a Service (SaaS) for Small and Midsize Businesses...
Download a Free Trial of SmartDraw: Learn why SmartDraw is the ideal alternative...
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy