BC.Win.Exploit.CVE_2017_11244-6335828-0 has been dropped and will be modified to avoid the FPs you've reported.
Thanks, - Alain On Wed, Sep 13, 2017 at 1:13 PM, Kees Theunissen <c.j.theunis...@differ.nl> wrote: > On Wed, 13 Sep 2017, Kees Theunissen wrote: > > >On Wed, 13 Sep 2017, lukn wrote: > > > >>Hello List > >> > >>Same here, I do see FPs with > >>BC.Win.Exploit.CVE_2017_11244-6335828-0 > >>hitting legitimate corporate files (so no submission possible from me > >>either). > > > >We saw BC.Win.Exploit.CVE_2017_11244-6335828-0 hitting a *.docx > >attachment in an outbound e-mail from one of our users. > >That was probably a FP too. > >I didn't see the attachment myself so I'm not sure that it was > >a FP. I asked the user if the file was confidential and if I could > >get a copy of the file for inspection and submission of a FP-report. > >He didn't answer yet. > > Update: he answered while I wrote the above message. > Unfortunately the file is a confidential research proposal so > I can't include it in a FP-report. > > > Regards, > > Kees Theunissen. > > -- > Kees Theunissen, System and network manager, Tel: +31 (0)40-3334724 > Dutch Institute For Fundamental Energy Research (DIFFER) > e-mail address: c.j.theunis...@differ.nl > postal address: PO Box 6336, 5600 HH, Eindhoven, the Netherlands > visitors address: De Zaale 20, 5612 AJ, Eindhoven, the Netherlands > > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
