Is this something we should worry about?


Pieter_Arntz
November 10th, 2002, 08:13 AM
Application programmers have all made the same mistake of ignoring how the ZIP format works, using libraries and components that accommodate filenames only up to the OS maximum length (512 bytes for Windows, for example) instead of the 64K limit in the ZIP specification.

What's really alarming is the vulnerability to e-mail viruses. So far, every mail gateway virus scanner Rapid7 has tested lets a virus test file sneak right through if it's in a ZIP file with long filenames--the gateway scanners only catch the test files that are embedded in a "standard" ZIP file with short entry names.

Full article: http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2894850,00.html

Apart from common sense stepping in, when you receive a zipped attachment with a name that's that long, I don't think this will be a very frequently used way of sneaking viruses into your system.
Your views?

Regards,

Pieter
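
As an added example (not from the article or from any poster in this thread), this Python code reads the filename-length fields straight from the ZIP central directory instead of trusting an extraction library, and flags entries longer than a chosen limit. The function names, the 512-byte default (the figure quoted above) and the sample archive are assumptions constructed for illustration; ZIP64 archives are not handled.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"  # end of central directory record
CDH_SIG = b"PK\x01\x02"   # central directory file header
LFH_SIG = b"PK\x03\x04"   # local file header


def long_name_entries(data, limit=512):
    """Return (name_length, name_prefix, reason) per suspicious entry; limit is an assumed policy value."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0 or eocd + 22 > len(data):
        raise ValueError("no end-of-central-directory record")
    count, _size, pos = struct.unpack_from("<HII", data, eocd + 10)
    findings = []
    for _ in range(count):
        if data[pos:pos + 4] != CDH_SIG or pos + 46 > len(data):
            raise ValueError("corrupt central directory")
        name_len, extra_len, comment_len = struct.unpack_from("<HHH", data, pos + 28)
        (lfh_off,) = struct.unpack_from("<I", data, pos + 42)
        name = data[pos + 46:pos + 46 + name_len]
        # The local header repeats the 16-bit name length; the two copies should agree.
        local_len = None
        if data[lfh_off:lfh_off + 4] == LFH_SIG and lfh_off + 30 <= len(data):
            (local_len,) = struct.unpack_from("<H", data, lfh_off + 26)
        if name_len > limit:
            findings.append((name_len, name[:32], "name exceeds limit"))
        elif local_len != name_len:
            findings.append((name_len, name[:32], "local/central length mismatch"))
        pos += 46 + name_len + extra_len + comment_len
    return findings


def build_sample():
    """Constructed test archive: one short entry name and one 2004-byte entry name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", b"constructed sample")
        zf.writestr("A" * 2000 + ".txt", b"constructed sample")
    return buf.getvalue()


if __name__ == "__main__":
    for length, prefix, reason in long_name_entries(build_sample()):
        print(length, prefix, reason)
```

A gateway could quarantine any attachment for which this returns findings rather than passing it on unscanned.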

Paul Wilders
November 10th, 2002, 09:09 AM
Nice story. That said: any top notch antivirus will jump right at it when trying to execute such a file.

regards.

paul

Pieter_Arntz
November 10th, 2002, 09:30 AM
That's right.
What I'm worried about are the people that rely on their ISP's mail-scanner. They're in for another disappointment.

Regards,

Pieter

Paul Wilders
November 10th, 2002, 09:47 AM
-{ Quote: "What I'm worried about are the people that rely on their ISP's mail-scanner." }-

Personally, I do believe relying on such a service isn't the most reliable thing to do ;).

regards.

paul

Pieter_Arntz
November 10th, 2002, 10:20 AM
-{ Quote: "Personally, I do believe relying on such a service isn't the most reliable thing to do ;)." }-

No argument here. Nevertheless, many people with limited system resources do. They pay good money to have their mail checked for viruses and perform an occasional on-line scan when their computer acts suspicious.
Unfortunate but true.

Regards,

Pieter

Paul Wilders
November 10th, 2002, 10:24 AM
-{ Quote: "Nevertheless, many people with limited system resources do." }-

Seems to me, buying a 128 MB SDRAM stick for say 25 US bucks is a far cheaper solution.. ::)

regards.

paul