tag:blogger.com,1999:blog-1029833275466591797.post3680128912350570089..comments2011-09-02T10:08:15.649-04:00Nigel Houghtonhttp://www.blogger.com/profile/11599266012164775142noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-1029833275466591797.post-48027306207759624962011-06-23T10:56:11.463-04:002011-06-23T10:56:11.463-04:00Slog6969 -- There is only one ClamAV pipeline. If your Untangle system is grabbing it&#39;s definitions using freshclam, from the Official ClamAV repository, yes, you should have had them -- before this post came out.Joel Eslerhttp://www.blogger.com/profile/13911640885160917108noreply@blogger.comtag:blogger.com,1999:blog-1029833275466591797.post-43659472087645183502011-06-10T02:04:52.509-04:002011-06-10T02:04:52.509-04:00Great piece, Joel.<br /><br />Thanks for the screenshots, in particular. I&#39;ve quoted your blog unabashedly (with attribution, of course!) in my own recent blog on <a href="http://update.pcantivirusreviews.com/news/2011/06/macdefender-screenshots-so-heres-what-it-looks-like.html" rel="nofollow">MacDefender</a>ksmithhttp://www.blogger.com/profile/05387473401444362557noreply@blogger.comtag:blogger.com,1999:blog-1029833275466591797.post-4948433239956231332011-05-30T09:57:20.495-04:002011-05-30T09:57:20.495-04:00Joel, I run an Untangle UTM and it has ClamAV at the gateway. Will these Mac sigs be in that feed and get updated? <br /><br />Are you putting Mac sigs in EVERY possible Clamav sig pipline?<br /><br />http://www.untangle.com/<br /><br />.Slog6969http://www.blogger.com/profile/08302314289090536676noreply@blogger.comtag:blogger.com,1999:blog-1029833275466591797.post-64014253758805455182011-05-23T11:01:58.392-04:002011-05-23T11:01:58.392-04:00Kate,<br /><br />Yes. It would simply require an extra step to open the package file. It&#39;s not an exploit against a browser in anyway, any browser with javascript turned on should download the file in the background. Safari just opens the package for you by default.Joel Eslerhttp://www.blogger.com/profile/13911640885160917108noreply@blogger.comtag:blogger.com,1999:blog-1029833275466591797.post-6926045293027067702011-05-23T09:53:24.829-04:002011-05-23T09:53:24.829-04:00From this article, it seems to be only exploiting Safari for Mac. Would it also affect a Mac if you were running Firefox or Chrome?Kate Hutchinsonhttp://www.blogger.com/profile/17664981385715429246noreply@blogger.com