How do I pass the GFI "Malformed file extension vulnerability test"?

  1. Home
  2. Knowledge Base
  3. GMS
  4. How do I pass the GFI "Malformed file extension vulnerability test"?

Question

I have performed the Malformed file extension vulnerability test from the GFI security website which indicates that my server is not protected. How do I protect against this type of message?

Answer

These messages can be easily stopped by blocking certain file types using the Attachment rejection options in GMS Anti-Spam.

However this will result in all files of these types being blocked, regardless of whether they are malicious.

Furthermore, blocking attachments of a certain type is far less effective than virus scanning your incoming mail using GMS Anti-Virus, since blocking against certain types may not protect you against social engineering techniques which may be employed by a virus writer.

The GFI test actually only checks that your server is vulnerable to hta files. This limited test is flawed, since passing this test may falsely lead an administrator to believe that they the server is secure. For a more complete list of potentially damaging files, please see Knowledge Base article q0398 in the “See Also” section of this article.

See Also:

Keywords:GFI, malformed file extension, vulnerability

Was this article helpful?

Related Articles