[dxgi.dll] Kaspersky Alert for v22000.258.26 and v22000.194.25 - Exploit #82
Replies: 4 comments
-
|
It seems to be related to the intensive hooking done under the hood.(Not 100% sure about this) |
Beta Was this translation helpful? Give feedback.
-
|
That's what I think: some improvements and therefore new hooks or behaviors added from previous versions are recognized by Kaspersky (only the Web protection module, not the scanner) as prohibited activity. In addition, the new generated code can also be falsely identified as illegal. Sometimes a single line of code generates some opcodes chain that make AVs cry... Maybe a comparison with the previous code can tell why. Note: I just downloaded again the v2200.258.26 DLL and Kaspersky does not complain anymore since the last online engine update - this seems to confirm a fixed false positive (but still the same alert with v22000.194.25) |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for the report. Again, not a bug, so this better belongs to discussions. |
Beta Was this translation helpful? Give feedback.
-
|
Also, there was another discussion on this topic here, it would have been nice to use that, it's obviously on the same topic and some more info is given in there: #58 |
Beta Was this translation helpful? Give feedback.
-
(Not for v22000.194.24 and v22000.168.0.14 and some previous)
Kaspersky Internet Security v21.3.10.391(f) Exploit Alert:
UDS:Exploit.Win32.CVE-2019-1184.a
But clean for VirusTotal.com (0/90)
Beta Was this translation helpful? Give feedback.
All reactions