Computer Associates' InoculateIT for Windows NT v4.53 does not properly scan for viruses, leaving your network vulnerable. No solution available from CA yet, but then that's no surprise it is?
c0ccda2cbc0bfedd37051628ba716dc573e8a5789a63f34ff02d0f707c549f41
Date: Wed, 12 May 1999 09:52:59 -0500
From: Bob Duffett <Bob.Duffett@CCC.UAB.EDU>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: InoculateIT 4.53 Real-Time Exchange Scanner Flawed
Manufacturer: Computer Associates
Product: InoculateIT for Windows NT v4.53 Build 169, Agent for
Microsoft Exchange
This product has a major defect.
We have it running on our Exchange Server
with 1,300 mailboxes yet viruses keep spreading directly from email. I
did some investigating tonight and found the problem.
It is ONLY scanning the Inbox folder tree. This would sound simply like
a poor design but it is MUCH worse.
The Inbox Rules Wizard can store the user's rules on the Exchange Server
which will move a message to a specific folder without the message ever
being placed in a user's inbox. This causes it to comletely by-pass the
InoculateIT Real-Time Scanner.
My CA rep confirmed the problem with CA support who had no work-around
available at this time.
Bob
University of Alabama at Birmingham
Cancer Center Technical Services Facility (CCTSF)
mailto:Bob.Duffett@ccc.uab.edu