[Libreoffice-bugs] [Bug 151771] New: Malwarebytes blocks libreoffice

Wed, 26 Oct 2022 09:58:29 -0700 

https://bugs.documentfoundation.org/show_bug.cgi?id=151771

            Bug ID: 151771
           Summary: Malwarebytes blocks libreoffice
           Product: LibreOffice
           Version: 7.4.2.3 release
          Hardware: All
                OS: Windows (All)
            Status: UNCONFIRMED
          Severity: normal
          Priority: medium
         Component: Writer
          Assignee: libreoffice-bugs@lists.freedesktop.org
          Reporter: hans.rott...@gmail.com

Description:
When opening a document or starting Writer blank (FileOpen) it is blocked by
MalwareBytes as an Exploit

Steps to Reproduce:
1.Install Malwarbytes
2.Start LibreOffice
3.

Actual Results:
LibreOffice stops and MalwareBytes gives a report

Expected Results:
Started application without interference of MalwareBytes


Reproducible: Always


User Profile Reset: Yes

Additional Info:
The report from MalwareBytes:

Malwarebytes
www.malwarebytes.com

-Logboekdetails-
Datum beveiligingsgebeurtenis: 26-10-2022
Tijd beveiligingsgebeurtenis: 15:59
Logbestand: 51a00a0c-5536-11ed-b6f2-f0bf97686fff.json

-Software-informatie-
Versie: 4.5.15.215
Versie componenten: 1.0.1784
Update pakketversie: 1.0.61573
Licentie: Premium

-Systeeminformatie-
Besturingssysteem: Windows 10 (Build 19044.2130)
Processor: x64
Bestandssysteem: NTFS
Gebruiker: System

-Details van exploit-
Bestand: 0
(Geen kwaadaardige items gedetecteerd)

Exploit: 1
Malware.Exploit.Agent.Generic, C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe \c c:\Program Files (x86)\ATI Stream\bin\x86_64\clc
-Dfp_t=double -Dfp_t4=double4 -Dfp_t16=double16 -DINPUTSIZE=15360
-DAMD_DP_EXTENSION  --emit=llvmbc --march=x86-64 -D__CPU__=1 -D__x86_64__=1
-Dcl_amd_fp64=1 -Dcl_khr_global_int32_base_atomics=1
-Dcl_khr_global_int32_extended_atomics=1 -Dcl_khr_local_int32_base_atomics=1
-Dcl_khr_local_int32_extended_atomics=1 -Dcl_khr_int64_base_atomics=1
-Dcl_khr_int64_extended_atomics=1 -Dcl_khr_byte_addressable_store=1
-Dcl_khr_gl_sharing=1 -Dcl_ext_device_fission=1
-Dcl_amd_device_attribute_query=1 -Dcl_amd_printf=1 -Dcl_khr_d3d10_sharing=1 -o
C:\Users\Henk\AppData\Local\Temp\OCLAA77.tmp.bc
C:\Users\Henk\AppData\Local\Temp\OCLAA77.tmp.cl 1>
C:\Users\Henk\AppData\Local\Temp\OCLAA77.tmp.log 2>&1, Geblokkeerd, 0, 392684,
0.0.0, , 

-Exploit-gegevens-
Getroffen toepassing: LibreOffice
Beveiligingslaag: Application Behavior Protection
Beveiligingstechniek: Exploit Office spawning batch command blocked
Bestandsnaam: C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe \c
c:\Program Files (x86)\ATI Stream\bin\x86_64\clc -Dfp_t=double -Dfp_t4=double4
-Dfp_t16=double16 -DINPUTSIZE=15360 -DAMD_DP_EXTENSION  --emit=llvmbc
--march=x86-64 -D__CPU__=1 -D__x86_64__=1 -Dcl_amd_fp64=1
-Dcl_khr_global_int32_base_atomics=1 -Dcl_khr_global_int32_extended_atomics=1
-Dcl_khr_local_int32_base_atomics=1 -Dcl_khr_local_int32_extended_atomics=1
-Dcl_khr_int64_base_atomics=1 -Dcl_khr_int64_extended_atomics=1
-Dcl_khr_byte_addressable_store=1 -Dcl_khr_gl_sharing=1
-Dcl_ext_device_fission=1 -Dcl_amd_device_attribute_query=1 -Dcl_amd_printf=1
-Dcl_khr_d3d10_sharing=1 -o C:\Users\Henk\AppData\Local\Temp\OCLAA77.tmp.bc
C:\Users\Henk\AppData\Local\Temp\OCLAA77.tmp.cl 1>
C:\Users\Henk\AppData\Local\Temp\OCLAA77.tmp.log 2>&1
URL: 



(end)

-- 
You are receiving this mail because:
You are the assignee for the bug.

Reply via email to