The documentation is very vauge about what it really blocks.

As is in the case of virus signatures isn’t it? :wink:

Basically, we’re trying to cover all Internet worms. Such as Win32.CodeRed, Win32.SQLSlammer, Win32.Blaster, in32.Welchia (Nachi) and Win32.Sasser.