starting today, this link:
throws an alert on my MWG7.5.2,
offending content is in:
I can always bypass that URI or even turn off that particular portion of the heuristics engine, but I'm curious:
Did you follow the guidelines/instructions to zip and password protect?
When submitting samples via E-mail all samples must be packaged in a .ZIP file.
Additionally, any .ZIP file created must be password-protected (encrypted) using the password "infected" (minus the "") - using the basic or default zipping level - some compression software offers varying degrees. Failure to follow these guidelines will cause your submission to be rejected.
If you've done that properly an automated response should be received almost immediately, followed by a manual one, usually within 24 - 48 hours.
If you don't receive anything it either means the file was submitted incorrectly or the response is sitting in your Junk or Spam mail folders.
thank you, yes, I'm aware of those - I have submitted my share of samples and deployed my share of Extra.DATs to know better
this, however, is different. I have no sample. Session is aborted because of the detection. I never see the offending JS. I'm OK with that . But to submit for review I had to follow the "email to labs" process. Starting with the article you quoted, followed to KB68030 and followed instructions under Solution 2, Email Submissions.
I'll just call it in tomorrow, it's much easier
Thank you for your help.
Thank you for the clarification. For I understand that Corporate issues, require different steps to take, opposed to Consumer.
You may submit your detection by utilizing the McAfee Getsusp Tool, however the file size is limited to (10 mbs)
Also should you indeed choose to do so, enter your Email Address under 'Preferences' before scanning.
When successfully submitting, you should receive either an Analysis ID #, or a 'Work Item # when submitted through Getsusp.
Please make certain that you use the proper Getsusp tool for Corporate.