ClamAV is an open-source antivirus engine designed to detect Trojans, viruses, malware, and other malicious threats. It is widely used for scanning emails on mail gateways and supports a range of file formats, signature languages, and utilities for automatic database updates.
In an update to its software, ClamAV has rolled out version 1.3.0, marking a major feature release, alongside the security patch versions 1.2.2 and 1.0.5, aimed at enhancing the security and functionality of its antivirus offerings. So, here’s what’s new.
ClamAV 1.3.0 Highlights
The ClamAV team has announced the stable release of ClamAV 1.3.0, a feature-packed update introducing several improvements and changes. Key among these is the added capability to extract and scan attachments found in Microsoft OneNote section files.
This functionality will be enabled by default, offering users enhanced protection against potential threats hidden in OneNote documents. However, users can turn off this feature through various options, catering to diverse user preferences and security requirements.
Moreover, ClamAV 1.3.0 brings compatibility and usability improvements across different platforms and configurations. An issue when building ClamAV on the Haiku operating system has been fixed. ClamD now checks that the directories specified for temporary files exist, improving error handling and stability.
In addition, ClamAV has expanded its support to include file type recognition for compiled Python (.pyc) files, enhancing its scanning capabilities.
The release also improves decrypting PDFs with empty passwords, among other minor enhancements and bug fixes. It also resolves a warning when scanning certain HTML files and fixes infinite loops in ClamOnAcc under specific conditions.
ClamAV 1.2.2 & 1.0.5
In parallel, ClamAV has addressed critical security vulnerabilities by releasing patches 1.2.2 and 1.0.5. These updates mitigate a potential heap overflow read bug in the OLE2 file parser (CVE-2024-20290) and a possible command injection vulnerability in the ClamD service’s “VirusEvent” feature (CVE-2024-20328).
Lastly, it’s important to note that ClamAV 1.1 is now past its End-of-Life (EOL) for security fixes and will not receive further updates. Users are encouraged to migrate to the supported versions – 1.0 LTS, 1.2, or 1.3 – to ensure continued protection against threats.
The new releases are available for download on the ClamAV downloads page, GitHub Release page, and through Docker Hub, including Alpine-based images and Debian-based multi-arch images. For detailed information about all changes, refer to the release announcement.
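To check a fleet against the version guidance above, the following added example (not ClamAV project code) classifies the version banner printed by `clamscan --version` against the releases named in this article. The function name, the status strings and the sample banners are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a ClamAV version banner against the releases this
# article names (1.0.5 and 1.2.2 security patches, 1.3.0, and 1.1 past EOL).
# Assumed input: first line of `clamscan --version`, e.g. "ClamAV 1.0.3/27170/<date>".

clamav_patch_status() {
    ver=${1#ClamAV }      # drop the product name
    ver=${ver%%/*}        # drop "/<database version>/<database date>"
    case $ver in
        ''|*[!0-9.]*|.*|*.|*..*) echo "unparsed"; return 0 ;;
    esac
    major=${ver%%.*}; rest=${ver#*.}
    [ "$rest" != "$ver" ] || { echo "unparsed"; return 0; }
    minor=${rest%%.*}; patch=${rest#*.}
    [ "$patch" != "$rest" ] || { echo "unparsed"; return 0; }
    patch=${patch%%.*}
    case "$major.$minor" in
        1.0) if [ "$patch" -ge 5 ]; then echo "ok"; else echo "update-to-1.0.5"; fi ;;
        1.1) echo "eol-migrate-to-1.0-1.2-or-1.3" ;;
        1.2) if [ "$patch" -ge 2 ]; then echo "ok"; else echo "update-to-1.2.2"; fi ;;
        1.3) echo "ok" ;;          # listed by the article as a supported line
        *)   echo "not-listed" ;;  # the article gives no guidance for this line
    esac
}

# Constructed sample banners, not captured from real hosts.
for banner in \
    "ClamAV 1.0.3/27170/Thu Feb  1 09:00:00 2024" \
    "ClamAV 1.1.3/27170/Thu Feb  1 09:00:00 2024" \
    "ClamAV 1.2.2/27180/Sun Feb 11 09:00:00 2024" \
    "ClamAV 1.3.0/27180/Sun Feb 11 09:00:00 2024"
do
    printf '%-32s %s\n' "$(clamav_patch_status "$banner")" "$banner"
done
```

Distribution packages may backport security fixes without changing the upstream version number, so treat an `update-to-*` result as a prompt to check the package changelog rather than as proof of exposure.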
Anti-virus NOT needed with Linux. Using since 2006 and NEVER had a problem of any kind. Windows? Constant battles with viruses and trojans. I don’t see any point for this article.
We’re using ClamAV on our mail gateway and file servers. Most client systems are still running MS Windows (with execution prevention policies, but nonetheless) and we’re following a German ISO 27001 compatible framework which forces us to use some kind of AV on file servers.
Yes, but the situation is slightly different if you are looking after a mail or file server in an enterprise environment with a mix of OSes on the end-user side. I share this from personal experience. Not everything in Linux starts and ends with the desktop side of things. In fact, as we know, it’s by far the smallest part of its applicability.
Best,
Bobby