One of the project heads might want to get on this:
The CBS site Download.com is distributing its malware with their
ClamAV downloads.[1]
Luckily ClamAV will catch this if already installed. This does nothing
to assist new users wishing to gain initial protection though. It
appears to be one of the only top AV products distributed on Cnet with
the malware installer bundled in as well.
Gonna make ClamAV look very bad after a user installs it and finds
their system hosed with this crap. Given the nature of ClamAV, they've
certainly steeped to a new low with this one. Talk about brazen!
This is already a well known problem with other security tools.[2][3][4]
[1] http://download.cnet.com/windows/sourcefire/3260-20_4-10091988.html
[2] http://insecure.org/news/download-com-fiasco.html
[3] http://seclists.org/nmap-hackers/2011/5
[4] http://seclists.org/nmap-hackers/2011/6
--
David Pierce
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32
The CBS site Download.com is distributing its malware with their
ClamAV downloads.[1]
Luckily ClamAV will catch this if already installed. This does nothing
to assist new users wishing to gain initial protection though. It
appears to be one of the only top AV products distributed on Cnet with
the malware installer bundled in as well.
Gonna make ClamAV look very bad after a user installs it and finds
their system hosed with this crap. Given the nature of ClamAV, they've
certainly steeped to a new low with this one. Talk about brazen!
This is already a well known problem with other security tools.[2][3][4]
[1] http://download.cnet.com/windows/sourcefire/3260-20_4-10091988.html
[2] http://insecure.org/news/download-com-fiasco.html
[3] http://seclists.org/nmap-hackers/2011/5
[4] http://seclists.org/nmap-hackers/2011/6
--
David Pierce
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32