Re: Anti Virus


 

On Sat, Nov 19, 2016 at 02:01 pm, Gene wrote:
Opening an attachment often automatically causes it to be executed. 
 
Gene

. . .

Sent: Saturday, November 19, 2016 2:45 PM
Subject: Re: [nvda] Anti Virus

hi gene,

opening the attachment isn't a problem. Executing the file is. I recieved a spam mail that contained a malicious javascript enclosed in a zip file.  My antivirus, avira, missed it. When I uploaded it to virustotal, I was the first one to upload it and only 2 antiviruses caught it.

And this again points up a number of the things I've been saying.

These days issues with infected attachments are few and far between because either the e-mail provider (e.g. Gmail), the individual user's antivirus/security suite, or both scan attachments before the end user can ever even get access to them and will remove them if they are determined to be infected.  Trying to spread something by e-mail attachment is an almost guaranteed failure.

The comment by Enes simply reinforces my point that if a particular piece of malicious software is new enough that it is not always going to be detected by any particular individual security scanner.  Depending on the timing of sample submissions, speed of analysis, timing of suites updating their definitions, etc., can determine whether something is quarantined or not.

Automatic execution of attachments is generally turned off these days by default because it had been so problematic in the early days as well.
--
Brian

Here is a test to find out whether your mission in life is complete.  If you’re alive, it isn’t.

    ~ Lauren Bacall

    


Join nvda@nvda.groups.io to automatically receive all group messages.