New versions of F-Prot Antivirus for UNIX released

4 January 2006

FRISK Software has released versions 4.6.4 of F-Prot Antivirus for Linux x86, for BSD x86, for Solaris SPARC, for Solaris x86, for AIX on IBM pSeries and for Linux on IBM zSeries.

Versions 4.6.4 of F-Prot Antivirus for UNIX include a number of important bugfixes. In addition, these new versions provide enhanced scanning of Windows Metafile images (WMF) for embedded malware. WMF files disguised, among other things, as JPG images have increasingly been taking advantage of a recently discovered yet serious vulnerability in Windows in order to run malicious code on susceptible machines.

Successful exploitation of this vulnerability can allow an attacker to gain complete control over an affected computer who can then use it to send out spam e-mail or spread viruses and other malware further. A number of different exploits have a appeared over recent days and these newest versions of F-Prot Antivirus for UNIX detect and delete all known exploits as well as detecting previously unknown malware attempting to take advantage of this WMF vulnerability.

System administrators can now exclude all WMF files either by stoplisting them so they are moved automatically into quarantine or by banlisting them so they are simply deleted. These new versions of F-Prot Antivirus for UNIX include greatly enhanced file type identification techniques, including content fingerprinting, in order to intercept and quarantine disguised malware. F-Prot Antivirus inspects all files based on three criteria in order to ensure correct file type identification: 1) filename, 2) mime type, and 3) file content via content fingerprinting. If any stoplisted or banlisted characteristic is detected, the corresponding file is quarantined or deleted, respectively.

In addition, in order to avoid automatic execution of disguised unknown threats, F-Prot Antivirus compares the results of the three filetype tests mentioned above and renames any file in which discrepancies are detected.

Updating F-Prot Antivirus

We recommend that users of F-Prot Antivirus for Linux x86, for BSD x86, for Solaris SPARC, for Solaris x86, for AIX on IBM pSeries and for Linux on IBM zSeries systems update their programs to versions 4.6.4 as soon as possible.

Please visit our update center to update your program now.

Current and previous versions of F-PROT Antivirus products:

For information on current versions of F-PROT Antivirus products and the latest virus signature files, visit our current versions page.

To view the release dates of all previous versions of F-PROT Antivirus products, please click here.

Commtouch® is a leading developer of anti virus software and anti spam filtering services. Commtouch's anti virus computer software, F-PROT Antivirus, is available for a number of operating systems such as Windows, Linux, BSD, Solaris, and AIX as well as the Microsoft Exchange groupware.

2014 © CYREN · Privacy Statement