ClamWin users need to update!

Hi malware fighters,

The free and open source anti-virus software ClamAV appears to have a serious hole, that enables an attacker to remote control a system via a heap-based buffer overflow. Users are urgently advised to upgrade to version 0.88.5. Apart from the leak in rebuildpe.c also a flaw in the CHM (Compressed HTML Help) unpacker chmunpack.c has been repaired. Through this leak an attacker could make the system crash.

The team behind ClamAV also has good news for you, because the 0.90 version can be tested by everyone. The 0.9x series has all kind of improvements in detection and speed. Alo new packers and decrypters are being sustained, RAR3 en SIS archives and a new phishing signature which looks very promising indeed.

polonus

P.S. The updated and the new version can be downloaded from ClamAV.net.

Thamks polonus,
It’s also listed in the updates thread:
http://forum.avast.com/index.php?topic=9671.msg199430#msg199430

ClamAV users need to stop using ClamAV, its not very good exploit or not…

I assume that’s your personal opinion ???

Well… I don’t think so… All software could have problems. Just update it :slight_smile: