Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

0.18.2 release being flagged by Defender #353

Closed
chrisjeter opened this issue Jul 4, 2024 · 1 comment
Closed

0.18.2 release being flagged by Defender #353

chrisjeter opened this issue Jul 4, 2024 · 1 comment

Comments

@chrisjeter
Copy link

I downloaded the 0.18.2 release this morning from the repo. When trying to run an import Windows Defender is flagging the exe as a Trojan and Quarantining it as Win32/Bearfoos.A!ml. I've verified that all Defender signatures are up to date. 0.18.1 does not display the same issue.
Screenshot 2024-07-04 133513
@chrisjeter chrisjeter changed the title Latest release being flagged by Defender 0.18.2 release being flagged by Defender Jul 4, 2024
@simulot
Copy link
Owner

simulot commented Jul 4, 2024

The binary isn't signed, which is suspicious in Windows Defender eyes. I have tested the latest release with Windows Defender on a Win11 box. No detection.

I have checked the binary from the release with the virus total web site:
https://www.virustotal.com/gui/file/dc7b3fc7873ffc23e3b8cd2da7e1b8e1b9345639fa5a4123ae9231d77f98ad2a/detection

1 positive over 74 tests. It's likely to be a false alarm.

The windows binary is complied on a linux box less susceptible to be infected.
I'll check how to build the binaries in a secured environment and to sign the binaries.

@simulot simulot closed this as completed Jul 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@simulot @chrisjeter