From the IMAIL list I'm on. Thought I would spread the love.

During the past few weeks, virus writers have come up with at least 6 new
tricks to get their viruses past mailserver virus scanners.  They started
by spreading in .ZIP files, then moved to static encrypted .ZIP files, then
moved to dynamic encrypted .ZIP files, then started using pictures to give
out the passwords, then started using encrypted .RAR files.  The latest
trick, first announced this morning, is that they are now using the OBJECT
DATA exploit.  With this, the virus isn't spread in the E-mail, so it can't
be detected.  Worse, a user doesn't have to open an attachment for it to
spread.

There is now a new interim release of Declude Virus that will automatically
detect the OBJECT DATA exploit, which is the only way for a mailserver
virus scanner to prevent Bagle.Q or Bagle.R from spreading.  For people
using Declude Virus, we recommend upgrading to the latest interim release
(at http://www.declude.com/interim ).  Please note that you MUST have an
up-to-date Service Agreement to download this release.  If you do not have
an up-to-date Service Agreement, you can order it online at
http://www.declude.com/order.htm , and then you can immediately download
the latest interim release.

If you are using another brand of virus scanner, you should upgrade as soon
as the vendor has an upgrade available to detect the OBJECT DATA exploit.

                                                   

Patch, Patch, Patch.

Cheers!
Dave