Skip to content

Clam AV update fixes archive bug

18-6-2009

Version 0.95.2 of the open source ClamAV virus scanner resolves a bug when dealing with specially crafted RAR, ZIP and CAB archives that can be used by an attacker to conceal a virus or malware from the scanner. The manipulation to create such archives formats them incorrectly, allowing them to fool scanners into overlooking malware contained within them. Despite the corrupted format, some applications and unpackers are still able to extract the files, releasing the malware. All ClamAV users are advised to install the update. ClamAV is released under the GNU General Public License (GPL).

The problem was originally reported by security specialist Thierry Zoller, who regularly examines various virus scanners for security vulnerabilities. In addition to ClamAV, several other virus scanners have also experienced the same problem when processing faulty archives. Other published reports include products from Kaspersky, Symantec, FRISK Software International (F-Prot) and Norman Data Defense Systems.

Off the wire…….

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: