About Us Our Work Employment News & Events
MITRE Remote Access for MITRE Staff and Partners Site Map
News & Events

Follow Us:

Visit MITRE on Facebook
Visit MITRE on Twitter
Visit MITRE on Linkedin
Visit MITRE on YouTube
View MITRE's RSS Feeds
View MITRE's Mobile Apps
Home > News & Events > Media Relations > News Releases > 2005 >

Common Malware Enumeration Initiative Now Available

FOR IMMEDIATE RELEASE:

MITRE Contacts:

Karina H. Wright
(703) 983-6125


Eryn L. Gallagher
(781) 271-3782

Bedford, Massachusetts, October 5, 2005 — The MITRE Corporation is pleased to announce the availability of the Common Malware Enumeration (CME) initiative and its supporting website (http://cme.mitre.org). CME, which is headed by the United States Computer Emergency Readiness Team (US-CERT) and supported by an editorial board of anti-virus vendors and related organizations provides a neutral, shared identification method for malware outbreaks.

The CME initiative assigns a numerical identifier to a particular threat, providing the public with a common method for cross-referencing disparate virus names. In so doing, the CME initiative seeks to:

  • Reduce the public's confusion in referencing threats during malware incidents
  • Enhance communication between anti-virus vendors
  • Improve communication and information sharing between anti-virus vendors and the rest of the information security community

During a virus outbreak, participants on the CME board request an identifier from an automated system by providing a sample of the virus and as much additional information as possible. An identifier in the format 'CME-N', where N is a seven digit integer (initially restricted to 3 digits until more digits are needed) between 1 and 9999999 is generated and distributed to the other participants. The participants then disseminate the CME identifier to their contacts in the industry and reference the CME identifier on their web pages, in their product, or when speaking to the press. In addition to MITRE, participants on the CME editorial board include Computer Associates, F Secure, ICSA Labs, Kaspersky Lab, McAfee, MessageLabs, Microsoft, Norman, Sophos, Symantec, and Trend Micro.

Use of the CME identifier is completely voluntary, but it is hoped that the public will encourage anti-virus vendors to adopt CME identifiers. CME is similar to the Common Vulnerabilities and Exposures (CVE) initiative, which is also operated by MITRE in support of US-CERT. Experience with CVE shows that by adopting a neutral, shared identification method, effective information sharing can happen faster and with more accuracy.

For answers to frequently asked questions, please visit the CME website at http://cme.mitre.org/news/press_qa.html.

MITRE (www.mitre.org) is a not-for-profit company that provides systems engineering, research and development, and information technology support to the government. It operates federally funded research and development centers for the Department of Defense, the Federal Aviation Administration, and the Internal Revenue Service, with principal locations in Bedford, Mass., and McLean, Va.

Page last updated: October 12, 2005   |   Top of page

Homeland Security Center Center for Enterprise Modernization Command, Control, Communications and Intelligence Center Center for Advanced Aviation System Development

 
 
 

Solutions That Make a Difference.®
Copyright © 1997-2013, The MITRE Corporation. All rights reserved.
MITRE is a registered trademark of The MITRE Corporation.
Material on this site may be copied and distributed with permission only.

IDG's Computerworld Names MITRE a "Best Place to Work in IT" for Eighth Straight Year The Boston Globe Ranks MITRE Number 6 Top Place to Work Fast Company Names MITRE One of the "World's 50 Most Innovative Companies"
 

Privacy Policy | Contact Us