Re: Exploiting Multiple Flaws in Symantec Antivirus 2004 for Windows Mobile

[Bipin Gautam <door_hUNT3R () blackcodemail com>]

Eicar test virus (eicar.exe) into RAM, the scanner does not
detect it. It is not until you "save" a copy of a file with the Eicar
to your file system does Symantec detect it.  So it is not real-time
scanning of viral code, but rather just a simple monitor to activate
a scan any time a file is saved. 

--------------------------
yap, not only in windows ce but i have seen this thing in NAV for  windows xp
too...

[the NAV EXPLOIT discussed in the previous email uses/gives the similar result...

_____________________________________________________________
Secure mail ---> http://www.blackcode.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html