The UK Government learned Melissa's Ultimate Lesson. The Register reported today[1] that UK firm Messagelabs caught e-mail messages, intended for UK government recipients, carrying Windows Metafile exploit attachments before Microsoft released a patch to correct the WMF vulnerability in Windows XP.
While John Leyden seemed more interested in the theme of repeated and increased attacks from Chinese hackers, especially since US security firms hand virus technology to the PRC regularly, I was far more interested in how Messagelabs caught the offending messages.
Unfortunately, The Register didn't include a date, only stating it occurred before January 5, 2006. Surely by that time, anti-virus vendors had released updates to their products. Messagelabs likes to brag about how effortlessly they can catch zero-day exploits in e-mail, but they're not the only ones capable of catching unwanted software before the fact.
I'll risk a few downvotes by saying my own firm also effortlessly caught this exploit before the fact.[2] But I'm not daylogging this just to risk a short ad blurb. Rather, I'm daylogging this so E2 readers know I'm not kidding. We can stop these things before the fact.
- http://www.theregister.co.uk/2006/01/24/uk_gov_wmf_attack/ -- John Leyden of The Register
- http://www.pan-am.ca/antiwindowscatalog/?mode=rant&id=26 -- Myself