Simon Hobson wrote:
The **ONLY** defence I can think of is that they assumed an implicit
permission by virtue of the user running the update process to fetch
signature updates. That's a very tenuous thing to infer when pushing an
update that is so different in purpose to what would normally be fetched.
Well, it's not the only defense that I can think of. For exactly how
long had this message appeared before the ClamAV engine actually died?
LibClamAV Warning: ****************************************************
LibClamAV Warning: *** This version of the ClamAV engine is outdated.
***
LibClamAV Warning: *** DON’T PANIC! Read
http://www.clamav.net/support/faq ***
LibClamAV Warning: *****************************************************
... they're called "idiot lights" for a reason and are disregarded at
the user's peril.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
