 |
| |
|
Through CME's neutral, shared identification method, the CME initiative seeks to:
Scope of CME ImplementationCME was initially developed to address the pandemic model of malware in which CME identifiers are assigned to "high-profile threats." As defined by the CME Threat Assessment Focus Group comprised of vendors and user representatives, high-profile malware threats include "considerable or notable malware threat(s) potentially confusing users, malware threats posing a considerable risk to a user, and/or malware that draw media attention." Threats are identified by the CME Sample Redistribution Group members, who represent anti-virus vendors and other organizations with access to malware samples. CME relies on the historical experience of these members, as well as the perspectives of the user representatives on the Technical Feedback Group, to know when an incident is noteworthy enough for inclusion on the CME List. The changing nature of the malware threat—away from pandemic, widespread threats to more localized, targeted threats—is impacting public perceptions about which malware are high profile. CME recognizes the importance of this issue and is working to adapt to this new threat environment. As of November 2006, CME is also assigning identifiers to the most prevalent virus threats in the wild in order to further mitigate user confusion. Please contact cme@mitre.org with any comments or questions. |
   
|
||||||
|
|
|||||||
provides single, common identifiers
to new virus threats and to the most prevalent virus threats in the
wild to reduce public confusion during malware incidents. CME is not
an attempt to replace the vendor names currently used for viruses and
other forms of malware, but instead aims to facilitate the adoption
of a shared, neutral indexing capability for malware.
