Sophos’ anti-virus software can be bypassed by a virus-laden e-mail if it doesn’t contain any MIME boundary definitions, the company has admitted. MIME, or Multipurpose Internet Mail Extensions, is the basic protocol used for sending graphic, audio and video on e-mail. But Sophos has found that Delivery Status Notifications generated by qmail mail servers (the second-largest in number on the Net) that are infected with the MyDoom virus slip through the anti-virus software undetected. Only qmail servers set up to include the original e-mail in the bounced e-mail will not include MIME boundary definitions and so slip through. But it still remains a significant security hole considering the number of qmail servers (around one million) and that the impact of many modern viruses and worms come from the emails automatically created by their appearance. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.