Skip to Content.
Sympa Menu

cat-users - Re: [cat-users] [Ticket#10178308] Symantec Endpoint Security reports virus in Eduroam Installer

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

Re: [cat-users] [Ticket#10178308] Symantec Endpoint Security reports virus in Eduroam Installer


Chronological Thread 
    < Chronological >      < Thread >
  • From: A.L.M.Buxey AT lboro.ac.uk
  • To: Wireless <wireless AT unibe.ch>
  • Cc: cat-users AT geant.net, mobile AT switch.ch, philipp.tobler AT id.unibe.ch, fabian.mauchle AT switch.ch
  • Subject: Re: [cat-users] [Ticket#10178308] Symantec Endpoint Security reports virus in Eduroam Installer
  • Date: Mon, 8 Sep 2014 11:19:46 +0000
  • List-archive: <http://mail.geant.net/pipermail/cat-users/>
  • List-id: "The mailing list for users of the eduroam Configuration Assistant Tool \(CAT\)" <cat-users.geant.net>
Hi,

> are there any plans (by you or AV manufacturers) to fix this? It's a pain
> if all or at least many Windows users have to open CMD and enter commands
> by hand to get eduroam running.

the AV vendors really need to sort their stuff out - its a false positive
caused
by the detection of the framework installer that eduroamCAT uses as malware.
unfortunately, whilst older AV products use fingerprint/blacklist heuristics
rather than code analysis avoiding this is 'difficult'. if eduroamCAT used
a different packager/installer etc then you can bet that'd also get detected
wrongly in the future after 'bank-malware-X' uses the same to get onto
systems :(

alan



Archive powered by MHonArc 2.6.19.

Top of Page