Last Build Date: Thu, 01 Feb 2007 15:25:26 -0000
Thu, 01 Feb 2007 15:25:26 -0000
This is the last release candidate for 0.90 .
Please report any problems through our bugzilla: http://bugs.clamav.net . If you are running ClamAV 0.90RC1.1 or 0.90rc2, you are strongly encouraged to upgrade to the latest RC. Remember to try the experimental code by using "./configure --enable-experimental" at compile time.
Tue, 21 Nov 2006 16:58:29 -0000
Our new Wiki site is now in production. Visit http://wiki.clamav.net and register yourself! You are welcome to document all the steps you did to integrate ClamAV with your favourite content scanner. Also feel free to post your success stories about ClamAV on http://wiki.clamav.net/Main/SuccessStories . Let's share your know-how on ClamAV with the rest of our user community!
We really hope that this new Wiki will serve for this purpose better than the previous one. We learned the lesson the hard way: the new wiki features a more user friendly interface, a WYSIWYG editor and some very important antispam protections.
Wed, 08 Nov 2006 23:11:54 -0000
Heise Security reports that ClamAV was among the first virus scanners to detect a trojan distributed by a forged version of Wikipedia. You can read the full article at http://www.heise-security.co.uk/news/80729
Mon, 30 Oct 2006 21:27:43 -0000
The second release candidate of the long awaited
ClamAV 0.90 is ready for general testing! If you are running ClamAV 0.90RC1.1, you are strongly encouraged to upgrade to the latest RC. Remember to try the experimental code by using "./configure --enable-experimental" at compile time. Please note that we do not accept bug reports against 0.90RC1.1 anymore.
Mon, 30 Oct 2006 00:48:53 -0000
Our donate page now features a PayPal button. Keeping the virus database up to date is a time consuming task: we need to process a lot of malware every day and generate new signatures for it. The ClamAV team provides you with timely updates and continuosly implement new features to make your favourite antivirus (and its derivative products) more effective.
Visit http://www.clamav.net/donate.html#pagestart and contribute to our project.
Mon, 16 Oct 2006 01:29:01 -0000
The first release candidate of the long awaited
ClamAV 0.90 is ready for general testing!
The 0.9x series introduces lots of improvements
in terms of detection rate and performance, like
support for many new packers and decryptors, RAR3
and SIS archives, and a new phishing signatures
format that proves to be very effective.
The email decoding has been improved to reduce
both the memory requirements and the time taken
to process attachments.
We have been working hard also on the ClamAV
Virus Database: we now have more than 73.000
signatures and we keep on reviewing hundreds of
To cope with the increasing size of the database
and with the high frequency of new CVD releases,
freshclam now supports scripted updates: only the
differences between two releases of the CVD are
downloaded. This dramatically reduces traffic on
our mirrors and will allow us to release even
more updates in the future.
Download the latest release candidate and test
the new experimental code (use
./configure --enable-experimental at compile
time). We need your feedback!
Mon, 16 Oct 2006 00:27:45 -0000
In the hope to get more detailed bug reports and coordinate the work of people testing our experimental code, we decided to open a bug tracker.
After checking many different bug tracker, we decided to stick to the well known Bugzilla.
Please use it wisely: http://bugs.clamav.net
Sun, 30 Apr 2006 23:45:18 -0000
Summer of Code 2006 is a program sponsored by Google, that offers student developers stipends to create new open source programs or to help currently established projects. The ClamAV project is happy to join this event and get some help from emerging developers to quickly implement some of the features (see http://www.clamav.net/news/soc2006.html\) that are currently on our TODO list.
Google will give 5000 USD per accepted student, of which 4500 USD goes to the student and 500 USD goes to the mentoring organization.
Students who wish to join the program and help the ClamAV project will be paid 500 USD upon acceptance of their application, 2000 USD mid program (assuming they have made sufficient progress on the project), and 2000 USD at close of program (assuming they have completed the project).
See http://code.google.com/soc/studentfaq.html for more information.
Sun, 30 Apr 2006 21:13:46 -0000
W32.Polipos.A is a complex polimorphic virus infecting 32-bit Windows executables. The virus uses advanced techniques, such as entry point obscuring, to make the detection even harder. It can also spread via P2P networks and contains procedures against security software.
Extensive tests in our secure environments showed that ClamAV 0.88.2 was able to detect 100% W32.Polipos.A infections without producing a single false positive alert.
Thu, 13 Apr 2006 14:52:36 -0000
On April 12, the security company SonicWALL announced Day Zero protection against vulnerability in Clam AntiVirus. The press release (see: http://biz.yahoo.com/prnews/060412/sfw078.html?.v=47\) bewildered ClamAV developers. The problem described in the press release was... already fixed in the 0.88.1 version of ClamAV published on April 4. Moreover, it was ranked by the Clam AntiVirus programmers as low risk.
Information about "Clam AntiVirus Win32-UPX Heap Overflow" was posted to bugtraq (url: http://seclists.org/lists/bugtraq/2006/Apr/0174.html\) on
April 6, by a member of the security group Overflow.pl . It described a potential heap overflow in the UPX unpacker. In its press release, SonicWALL failed to mention that the bug was already fixed and what's even most important: the problem was impossible to exploit on properly configured systems. In fact, only the ClamAV installations with archive scan limits completely disabled were vulnerable to the heap overflow, however such incorrectly configured systems were at the same time vulnerable to many other attacks such as archive bombs.
It's the opinion of Clam AntiVirus authors that these security companies and researchers should take more care about information they are publishing.
The ClamAV project always offers them help understanding its internals.