The ClamAV team has pushed out version 1.5.1, a quick patch following last week’s 1.5.0 release for this open-source antivirus software developed by Cisco Talos, a part of Cisco Systems Inc., which mainly focuses on fixing several performance issues and addressing bugs that slipped through in the previous version.
One of the biggest fixes in 1.5.1 tackles a major slowdown when scanning certain PE files. Users who noticed sluggish performance in Windows executable scans should see a clear improvement now.
The release also fixes a problem where ZIP archives could trigger “Heuristics.Limits.Exceeded.MaxFiles” alerts when using the --alert-exceeds-max option in ClamScan or the AlertExceedsMax setting in ClamD. This issue caused unnecessary scan interruptions for users working with large or nested ZIP files.
Another improvement is in scanning TNEF email attachments, where performance has been optimized to handle these formats more quickly. Additionally, the new version corrects how metadata is recorded for OOXML Office documents and resolves issues with VBA signature detection in OLE2 files—both of which could previously result in incomplete or missed scan results.
The ClamAV team has also loosened overly restrictive rules for embedded file identification and raised the limit for finding PE files nested inside other PE files. That means better detection without unnecessary false positives.
On top of that, the patch fixes problems with RAR archives embedded inside other files and updates several Rust library dependencies to address fuzzy hashing issues affecting certain images.
Lastly, keep in mind that ClamAV 1.5.1 does not require an updated Rust compiler toolchain. The same versions used for 1.5.0 will work just fine, keeping upgrades simple.
As usual, users can grab the latest release from the ClamAV downloads page. The official announcement is here.
