Beware of malformed MIME artists
The UK's top UK security co-ordination agency today warned of a series of vulnerabilities involving implementations of the Multipurpose Internet Mail Extensions (MIME) protocol within email and web security products. In a series of eight technical advisories the UK's National Infrastructure Security Co-ordination Centre (NISCC) explains how malformed MIME constructs might be exploited to allow attackers to bypass content checking and antivirus tools. MIME is a standard method for encoding email attachments so the extent of the problem highlights a gaping security hole that might be used by virus writers to smuggle hostile code past security defences.
By John Leyden at The Register.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.