How do I pass the GFI "CLSID extension vulnerability test"?

  1. Home
  2. Knowledge Base
  3. GMS
  4. How do I pass the GFI "CLSID extension vulnerability test"?

Question

I have performed the CLSID extension vulnerability test from the GFI security website which indicates that my server is not protected. How do I protect against this type of message?

Answer

To protect against a CLSID exploit, you should use GMS Anti-Spam to block for attachments with the extension of:

{*}

and

{3050f4d8-98b5-11cf-bb82-00aa00bdce0b}

However this is not a subsitute for having up to date virus protection, such as that provided by running GMS Anti-Virus on your server.

If you are running GMS Anti-Virus and a virus arrives which attempts to exploit the CLSID vulnerability, the message will be scanned and rejected without the requirement to block these attachment types altogether.

Alternatively you can use the MessageQualityMask option which allows you to reject email messages with certain characteristics. Please see KB article q965 in the see also section of this article for more information on this option.

See Also:

Keywords:CLSID GFI

Was this article helpful?

Related Articles