Scope of CME Implementation
CME was initially developed to address the pandemic model of malware
in which CME identifiers are assigned to "high-profile threats."
As defined by the CME Threat Assessment Focus Group comprised of
vendors and user representatives, high-profile malware threats include
"considerable or notable malware threat(s) potentially confusing
users, malware threats posing a considerable risk to a user, and/or
malware that draw media attention." Threats are identified
by the CME Sample Redistribution Group members, who represent anti-virus
vendors and other organizations with access to malware samples.
CME relies on the historical experience of these members, as well
as the perspectives of the user representatives on the Technical
Feedback Group, to know when an incident is noteworthy enough for
inclusion on the CME List.
The changing nature of the malware threataway from pandemic, widespread
threats to more localized, targeted threatsis impacting public
perceptions about which malware are high profile. CME recognizes
the importance of this issue and is working to adapt to this new
threat environment. As of November 2006, CME is also assigning identifiers
to the most prevalent virus threats in the wild in order to further
mitigate user confusion. Please contact cme@mitre.org
with any comments or questions.