https://bugs.documentfoundation.org/show_bug.cgi?id=151771
Bug ID: 151771 Summary: Malwarebytes blocks libreoffice Product: LibreOffice Version: 7.4.2.3 release Hardware: All OS: Windows (All) Status: UNCONFIRMED Severity: normal Priority: medium Component: Writer Assignee: libreoffice-bugs@lists.freedesktop.org Reporter: hans.rott...@gmail.com Description: When opening a document or starting Writer blank (FileOpen) it is blocked by MalwareBytes as an Exploit Steps to Reproduce: 1.Install Malwarbytes 2.Start LibreOffice 3. Actual Results: LibreOffice stops and MalwareBytes gives a report Expected Results: Started application without interference of MalwareBytes Reproducible: Always User Profile Reset: Yes Additional Info: The report from MalwareBytes: Malwarebytes www.malwarebytes.com -Logboekdetails- Datum beveiligingsgebeurtenis: 26-10-2022 Tijd beveiligingsgebeurtenis: 15:59 Logbestand: 51a00a0c-5536-11ed-b6f2-f0bf97686fff.json -Software-informatie- Versie: 4.5.15.215 Versie componenten: 1.0.1784 Update pakketversie: 1.0.61573 Licentie: Premium -Systeeminformatie- Besturingssysteem: Windows 10 (Build 19044.2130) Processor: x64 Bestandssysteem: NTFS Gebruiker: System -Details van exploit- Bestand: 0 (Geen kwaadaardige items gedetecteerd) Exploit: 1 Malware.Exploit.Agent.Generic, C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe \c c:\Program Files (x86)\ATI Stream\bin\x86_64\clc -Dfp_t=double -Dfp_t4=double4 -Dfp_t16=double16 -DINPUTSIZE=15360 -DAMD_DP_EXTENSION --emit=llvmbc --march=x86-64 -D__CPU__=1 -D__x86_64__=1 -Dcl_amd_fp64=1 -Dcl_khr_global_int32_base_atomics=1 -Dcl_khr_global_int32_extended_atomics=1 -Dcl_khr_local_int32_base_atomics=1 -Dcl_khr_local_int32_extended_atomics=1 -Dcl_khr_int64_base_atomics=1 -Dcl_khr_int64_extended_atomics=1 -Dcl_khr_byte_addressable_store=1 -Dcl_khr_gl_sharing=1 -Dcl_ext_device_fission=1 -Dcl_amd_device_attribute_query=1 -Dcl_amd_printf=1 -Dcl_khr_d3d10_sharing=1 -o C:\Users\Henk\AppData\Local\Temp\OCLAA77.tmp.bc C:\Users\Henk\AppData\Local\Temp\OCLAA77.tmp.cl 1> C:\Users\Henk\AppData\Local\Temp\OCLAA77.tmp.log 2>&1, Geblokkeerd, 0, 392684, 0.0.0, , -Exploit-gegevens- Getroffen toepassing: LibreOffice Beveiligingslaag: Application Behavior Protection Beveiligingstechniek: Exploit Office spawning batch command blocked Bestandsnaam: C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe \c c:\Program Files (x86)\ATI Stream\bin\x86_64\clc -Dfp_t=double -Dfp_t4=double4 -Dfp_t16=double16 -DINPUTSIZE=15360 -DAMD_DP_EXTENSION --emit=llvmbc --march=x86-64 -D__CPU__=1 -D__x86_64__=1 -Dcl_amd_fp64=1 -Dcl_khr_global_int32_base_atomics=1 -Dcl_khr_global_int32_extended_atomics=1 -Dcl_khr_local_int32_base_atomics=1 -Dcl_khr_local_int32_extended_atomics=1 -Dcl_khr_int64_base_atomics=1 -Dcl_khr_int64_extended_atomics=1 -Dcl_khr_byte_addressable_store=1 -Dcl_khr_gl_sharing=1 -Dcl_ext_device_fission=1 -Dcl_amd_device_attribute_query=1 -Dcl_amd_printf=1 -Dcl_khr_d3d10_sharing=1 -o C:\Users\Henk\AppData\Local\Temp\OCLAA77.tmp.bc C:\Users\Henk\AppData\Local\Temp\OCLAA77.tmp.cl 1> C:\Users\Henk\AppData\Local\Temp\OCLAA77.tmp.log 2>&1 URL: (end) -- You are receiving this mail because: You are the assignee for the bug.