Malware ID System Enjoys Broad Support

by Michael Hall

A new system for labeling malware will make it easier to make sure vendors and customers are on the same sheet of music when discussing threats.

A new system for identifying malware is meant to simplify and standardize reporting, making it easier for security personnel to respond to new security threats.

Today the MITRE Corporation, a not-for-profit research organization, announced the Common Malware Enumeration (CME) initiative and a supporting site at cme.mitre.org.

The new initiative is headed by the United States Computer Emergency Readiness Team (US-CERT), and enjoys support from an editorial board made up of anti-virus vendors such as McAfee, Symantec, Trend Micro, Microsoft, Sophos, ICSA Labs, Norman, Kaspersky Lab, MessageLabs, F-Secure, and Computer Associates.

According to MITRE's announcement, during a virus outbreak, participants on the CME board will request an identifier from an automated system by providing a sample of the virus and as much additional information as possible. An identifier in the format 'CME-N' where N is an integer between 1 and 999 will be generated and distributed to the other participants. The participants will then disseminate the CME identifier to their contacts in the industry and reference the CME identifier on their web pages, in their product, or when speaking to the press.

MITRE has provided a FAQ page discussing some of the details of the new initiative.

This article was originally published on Thursday Oct 6th 2005