Showing results for 
Search instead for 
Did you mean: 
Level 11

ATD: Winword and embedded OLE objects

We have seen a larger amount of 0day E-Mails incoming with customer running Fortimail and Fortigate PLUS ATD and TIE.

ATD does not capture current Winword OLE malware around. Fortigate informed us that they are working on it. No comment from Mcafee to date.

0 Kudos
2 Replies
McAfee Employee

Re: ATD: Winword and embedded OLE objects

If you have a sample that ATD should have convicted but didn't, please follow to submit the sample for analysis.

0 Kudos
Level 11

Re: ATD: Winword and embedded OLE objects



* Fortigate

* Malwaremustdie

* Krebs

* Most malware analyse services

Do accept Malware with an Upload mechnism and a site.

With Mcafee for a Aplliance that Costs 80'000.- we can ONLY send the samples as ZIP files. Which by the way is very convient in today secure enviroments (95% block ZIP)

I am for sure not goind to use a corporate E-mail adddres to send in a sample. Ther eis no way we get that out of the building in an outbreak event.

We had that once with a large hospital unable to get a file to TIER X once we reached top support.

* Platinum Customer however seem to be abelt to upload

* Not even mcafee Partners can upload samples

* And no > we don't want to sent ATD Data to GTI we can use the cloud solution then

* And no > GETSUSP did not find it and thus it can't get uploaded.


0 Kudos