This article reprint describing CME was published in the September 2005 issue of the Virus Bulletin. The article serves as the public launch of CME and describes what CME is and isn't, mentions the problems that use of CME's common identifiers will solve, describes CME identifiers, details the process for assigning CME identifiers, lists the members of the CME Editorial Board, and advocates the adoption of CME by the anti-virus and information security communities for the benefit of the public. The article was also presented as a briefing topic at the Virus Bulletin Conference on October 5th-7th, 2005 in Dublin, Ireland. September 2005 – CME Team Members Jimmy Kuo of McAfee, Inc. and Desiree Beck of MITRE Corporation.

PDF (1.06 Mb)

This document addresses operational aspects of the CME initiative, including the purpose and scope of CME, how CME identifiers are assigned, and the initial process for the deconfliction of malware threat samples. We expect this document to evolve as a result of discussions among the Board and as additional identifiers are assigned over time. September 2005 – Desiree Beck.

HTML

An open letter from an anti-virus customer to anti-virus vendors was posted to the SANS Internet Storm Center calling for the vendors to solicit the help of a neutral 3rd party like SANS or US-CERT to help solve the malware identification problem. The CME Team drafted a response that was co-signed by MITRE's CME Team, US-CERT/DHS representatives, and the vendors participating on the CME Preliminary Editorial Board. The response letter was posted by the SANS Internet Storm Center on November 23, 2004 at http://isc.sans.org/diary.php?date=2004-11-23.