If you are running F-Secure Anti-Virus version 4.x or 5.x, you should install this hotfix immediately:

http://www.f-secure.com/security/fsc-2007-1.shtml

The vulnerability can be exploited remotely and is present in both Windows and Linux versions. For Windows, the same hotfix will also patch another vulnerability with the real-time scan function that, in practice, is of limited concern to LISTSERV installations (the attacker needs to be able to log in to the Windows server running F-Secure).

The new FSAV 7.x version does NOT have either vulnerability. To use FSAV 7.x, you need to install the LISTSERV 15.0 level set released in February.

  Eric