WIll this naming continue?

VPS 0602-0, 09.01.2006
JS:OpenConnection-I, JS:OpenConnection-J, JS:OpenStream-B, MS06-001 WMF Exploit, Win32:Adloader-I [Trj], Win32:Agent-FY [Trj], Win32:Agent-FZ [Trj], Win32:Agent-GA [Trj], Win32:Agent-GB [Trj], Win32:Agent-GC [Trj], Win32:Agent-GE [Trj],…

It looks like you changed naming of exploits and i like it (“MS06-001 WMF Exploit” instead of just “WMF Exploit”).
Will this continue for other exploits as well or is just in this case. If it is just a malware naming or is it something else?

Well, I wouldn’t say we changed the naming of exploits in generally - the old JPEG exploit is already called that way for some time. We just renamed this one so that the name also includes reference to the corresponding security bulletin. We couldn’t name it that way when it was released, because the security bulletin wasn’t known at the time :wink:

And yes, I’d like to see other similar (and similarly named) detections to appear in the future.

Thanks ;D