ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
Reply to topic
New Version of Clamwin
Chris05


Joined: 22 Feb 2018
Posts: 4
Location: Pasig City
Reply with quote
Hi Sir / Mam,

Need your answer and suggestion on the ff. questions below for me to get some information on how can I maintain our system protected on virus.

1. When will the new version of Clamwin be release ?
2. Considering manual scan. Will it be still update the virus database ?
3. I have windows 2000 advance server with installed Clamwin. Until when Clamwin supports windows 2000 ?
View user's profileSend private message
GuitarBob


Joined: 09 Jul 2006
Posts: 4376
Location: USA
Reply with quote
There is no new version of ClamWin scheduled. The ClamWin developers just prepare a port of the Clam AV for Linux AV when they are able to do so. There is no development schedule, and there is no guarantee that they can/will prepare a port. It is getting very difficult to support a free AV now. If ClamWin currently works okay on your OS, it will probably continue to do so. However, if there is ever a ClamWin 1.0, I think it will not be able to support legacy Windows OS versions because of the new functionality it should have. Many AVs no longer support legacy because it is just too difficult to do so, and ClamWin is free, which makes it even worse. ClamWin is already unable to provide some of the functionality available in the current Clam AV Linux version(s).

Regards,
View user's profileSend private message
coldscientist


Joined: 24 Jan 2018
Posts: 23
Location: Brazil
Reply with quote
Hello Chris05,

Your questions are harder to reply. We'll try to help you the best we can.

1. When will the new version of Clamwin be release?
ClamWin is based on a port of ClamAV engine and follows the roadmap from ClamAV project, that (at least, from what I've already searched and read) doesn't have a roadmap. E.g: 0.99.2 was released about 2 months after 0.99.1 release, but 0.99.3 was released 1 year and 3 months after 0.99.2 release.

In fact, ClamWin project depends on newer releases of ClamAV engine port from Linux to Windows by Sherpya. Actually, ClamWin uses ClamAV 0.99.2 engine (there isn't significant changes into 0.99.3 to justify code migration, from what I've read so far).

Into newer releases (0.99.3 and above), ClamAV engine is compiled into Visual Studio 2015 platform, that isn't compatible with Windows 2000.

There's technical details that disallow us from providing support from legacy platforms. The support from legacy platforms depends from Sherpya builds, so he's the best person to reply it to you, but he didn't appears on the forums sometime by now.
View user's profileSend private message
coldscientist


Joined: 24 Jan 2018
Posts: 23
Location: Brazil
Reply with quote
I have windows 2000 advance server with installed Clamwin. Until when Clamwin supports windows 2000 ?

New functionalities to ClamWin are into plans (a new UI, an on-access scanner, improved heuristics, etc), and compatibility with Windows 2000 isn't priority. Please remember that most AV vendors doesn't support even Windows XP anymore. ClamWin is an open source project, with little to none budget - we keep it because we love, and because we believe on it. Please consider a donation if it's helpful, but as the majority of Open Source projects, we didn't have fixed dates.

ClamWin versions from 1.0 on (if any) will probably not work on legacy operating systems because they will have increased functionality that just can not be used by legacy systems, which are getting difficult to support for a small/unpaid team like ClamWin.

My recommendation: use it as most you can. Signatures probably will (probably) work for 2 years or more for your ClamWin version. Please note that actually, ClamWin isn't a recommended AV for daily base, as it's work with base of signatures with no heuristics (a virus can take 18 months to be included into ClamAV database) and no real-time protection.

I know at least one known vulnerability that Windows 2000 have that wasn't fixed by Microsoft. It's vulnerable to a TCP/IP DoS attack (https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048). The will have to re-engineer the TCP/IP stack to fix this issue in Windows 2000 not only being a huge effort on their behalf but ALSO breaking a ton of apps that currently run on 2000. If you are still running 2000 it is more than likely because you've got some crazy old proprietary application that won't run on anything else or difficult to migrate. IT'S 9 YEARS OLD and this DOS requires a sustained TCP stream to cause the system to be non-responsive. Once the stream is stopped the system is responsive again.

Windows 2000 is vulnerable to NSA exploits too and probably other (un)known vulnerabilities from newer Windows versions, like Windows XP (already EOL) and Windows Server 2003. I recommend you to implement at least a Firewall into your network and one into Windows 2000, if possible (maybe ZoneAlarm into Windows 2000 and pfSense into the edge of your network?). I recommend you to migrate to newer Windows Server versions or migrating to ReactOS or Linux if you're in low budget.
View user's profileSend private message
coldscientist


Joined: 24 Jan 2018
Posts: 23
Location: Brazil
Reply with quote
Considering manual scan. Will it be still update the virus database ?

Please read ClamAV End of Life policy at https://www.clamav.net/documents/end-of-life-policy-eol

Edit: Even if newer versions of ClamWin breaks Windows 2000 support, you can keep the version of ClamWin actually installed and it will still receive signature updates normally until EOL.
View user's profileSend private message
New Version of Clamwin
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Reply to topic