You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Bob Proulx <bo...@proulx.com> on 2010/05/03 17:29:49 UTC

Re: new PDF "Launch" malware exploit (with sample)

Rosenbaum, Larry M. wrote:
> > d.hill wrote:
> > Um... The OP did not send malware to the list. A link was supplied to
> > the original message. You must have a scanner set up to follow links.
> > That isn't a good idea, in my opinion.
> 
> There was some code in the message, right after the "Here's just the
> nifty Launch part" paragraph.  Perhaps it's not dangerous in a text
> message, but Forefront didn't like it anyway.

This was a false positive in your scanner.  It was safe as written by
the original poster.

Bob