Full Disclosure mailing list archives
Question re: Macro Virus behaviour
From: "Kelly Robinson" <caliana1989 () gmail com>
Date: Sun, 7 Oct 2007 16:05:33 +1000
An MS Word file on your computer has a size of 356 KB and a *modified* date of 19 June 2007 3:37:51 PM. Moreover, the file has been certified clean (i.e., uninfected) at this point by an infallible AV scanner. After a highly-publicised virus outbreak, you examine this file's properties again and notice it is still 356 KB with the same *modified* date and time. Can you safely conclude it has not been infected without checking it with your AV scanner? Why or why not?
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Question re: Macro Virus behaviour Kelly Robinson (Oct 07)
- Re: Question re: Macro Virus behaviour gjgowey (Oct 07)