Page 1 of 1

MS Security essenstials sees something in 4.7 as malware

PostPosted: Sat Sep 15, 2012 4:38 pm
by getjams
I just upgraded from 4.7 beta 3 to 4.7 final and Microsoft Security essentials removed two items it saw as "severe" threats.

Category: Exploit
Detected Item: Exploit:Java/CVE-2008-5353.WX
Alert Level: Severe
Action Taken: Removed
Description: This program is dangerous and exploits the computer on which it is run.
Recommended action: Remove this software immediately.
Items:
file:C:\subsonic\jetty\3106\webapp\WEB-INF\classes\net\sourceforge\subsonic\dao\schema\Schema47.class
file:C:\subsonic\jetty\3106\webapp\WEB-INF\classes\net\sourceforge\subsonic\domain\Artist.class

It actually looks like it happened when I installed 4.7 beta 3 as well as I see two items in the log, one from a few weeks ago and one from today when I ran the 4.7 upgrade.

Re: MS Security essenstials something in 4.7 as malware

PostPosted: Sat Sep 15, 2012 4:38 pm
by getjams
Forgot to mention. This is 32bit Windows 7 Ultimate, using the most current Java 7 update.

Re: MS Security essenstials sees something in 4.7 as malware

PostPosted: Sun Sep 16, 2012 5:41 pm
by getjams
Whatever MS Security excluded made subsonic not work at all, started giving 503 service unavailable errors. I excluded C:\Subsonic from MS Security Essentials scanner and re-installed 4.7 and am back up and running. Still odd that it thought those two .class files were "severe" threats.

Re: MS Security essenstials something in 4.7 as malware

PostPosted: Mon Sep 17, 2012 3:50 am
by PieterB
getjams wrote:Forgot to mention. This is 32bit Windows 7 Ultimate, using the most current Java 7 update.


Whenever you post something, and you forgot to write a little detail, it is better to edit your post instead of replying to your own post - in this case even twice.
HTH