On Wed, 13 Sep 2017, Kees Theunissen wrote: >On Wed, 13 Sep 2017, lukn wrote: > >>Hello List >> >>Same here, I do see FPs with >>BC.Win.Exploit.CVE_2017_11244-6335828-0 >>hitting legitimate corporate files (so no submission possible from me >>either). > >We saw BC.Win.Exploit.CVE_2017_11244-6335828-0 hitting a *.docx >attachment in an outbound e-mail from one of our users. >That was probably a FP too. >I didn't see the attachment myself so I'm not sure that it was >a FP. I asked the user if the file was confidential and if I could >get a copy of the file for inspection and submission of a FP-report. >He didn't answer yet.
Update: he answered while I wrote the above message. Unfortunately the file is a confidential research proposal so I can't include it in a FP-report. Regards, Kees Theunissen. -- Kees Theunissen, System and network manager, Tel: +31 (0)40-3334724 Dutch Institute For Fundamental Energy Research (DIFFER) e-mail address: c.j.theunis...@differ.nl postal address: PO Box 6336, 5600 HH, Eindhoven, the Netherlands visitors address: De Zaale 20, 5612 AJ, Eindhoven, the Netherlands _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
