Open gmichaud opened 2 years ago
gmichaud
commented
2 years ago @govert we were running on 1.5.0rc1 and my first idea was to check if a more recent build is available; I see 1.5 final is published by the file is exactly the same :(
A simple workaround for the problem if Microsoft doesn't correct this quickly could be to just recompile the library with a few changes to ensure the hash is different -- I think it's just a signature-based check.
govert
commented
2 years ago Hi @gmichaud - thanks for the heads-up.
A few days ago the list of anti-virus vendors detecting a problem with the file was longer and Microsoft was not on the list (see the end of this thread https://github.com/Excel-DNA/ExcelDna/issues/403 ). Now it seems only Microsoft is having a problem. As you point out, the binary is the same as from the -rc1 version, so had been around for a while (since early June). On my machine with Defender the bad detection only happened with the update of signatures from yesterday to today.
I don't think it helps to make extra binaries - they just muddy the issue. Best is if the file is seen and reported as OK from many places.
I have no idea what one does with this except to allow the files on the machine ('Restore' them in Defender terms) and wait for the storm to pass.
govert
commented
2 years ago This looks like a good url to report the false positive: https://www.microsoft.com/en-us/wdsi/filesubmission
gmichaud
commented
2 years ago @govert everyone at Velixo reported it already using this link. We have also documented how to whitelist the file for now here https://help.velixo.com/en/articles/5718835-error-a-problem-occurred-while-the-add-in-was-creating-an-isolated-application-domain
datvq
commented
2 years ago I also got this error when trying to build new project on Windows 11, with latest update v1.5.0
Rand-Random
commented
2 years ago Same here.
lafritay
commented
2 years ago Same problem. FWIW, the workaround posted by @gmichaud didn't work for me since nothing is showing in my "Current Threats" section (even after a quick scan). I was able to work around this by disabling Real-time protection (but that's not a good long term solution, of course).
gmichaud
commented
2 years ago @lafritay we have updated our instructions for customers, the problem shows up under current threats only while the message box is visible in Excel. That’s probably because the file gets loaded from the XLL and wiped out after you close.
Rand-Random
commented
2 years ago You could also define an exclusion to the file/folder your self. https://support.microsoft.com/en-us/windows/add-an-exclusion-to-windows-security-811816c0-4dfd-af4a-47e4-c301afe13b26
if the file already got deleted you would need to manually restore it.
QuantDevHacks
commented
2 years ago We are using ExcelDna for a quant finance course I teach related to .NET programming and Excel integration. I went through the link that Rand-Random posted above and elaborated on it so that students would be able to work through it. I'm posting it here as well, just to fill in some of the gaps. This worked for me. Hope this helps.
High level, what you need to do is:
Define an exclusion of the library file ExcelDna.Integration.dll in Windows Defender
Uninstall ExcelDna from your Visual Studio project using the NuGet Package Manager Console (same place you used to install it). Just type Uninstall-Package ExcelDna at the prompt.
You will be prompted to close and reopen VS to complete the ExcelDna package removal -- do this.
After VS is reopened, reinstall ExcelDna.
Rebuild your solution.
Now, for the finer details of step 1, the following lists the steps in the Microsoft support link in more detail:
a) Go to Start > Settings > Update & Security > Windows Security > Virus & threat protection.
b) Select Virus & threat protection settings from the main section (not the left margin).
c) Scroll down to Exclusions, and select the link Add or remove exclusions.
d) Click on +Add an exclusion, and select File from the drop-down menu. This will open a File Explorer instance.
e) In the File Explorer that opens, locate the directory where your library project is.
f) Drill down to the subdirectory ..\packages\ExcelDna.Integration.1.5.0\lib\net452
g) Select the file ExcelDna.Integration.dll
h) Click on Open at bottom right of File Explorer.
i) Rebuild your project/solution. It should build properly now.
Rand-Random
commented
2 years ago FYI, in the other issue this was posed https://github.com/Excel-DNA/ExcelDna/issues/403#issuecomment-965973159
gmichaud
commented
2 years ago As of this morning, Windows Defender is no longer considering ExcelDna.Integration as malware: https://www.virustotal.com/gui/file/02f05760666bda9018b95e442486c504cb67f02f5603406be55effc6dbf5c592/detection
gigi81
commented
2 years ago I went through the last 4 non-preview releases and they are all at some level affected. See below table. If you have any idea how to flag these as false positive to different antivirus companies please share the info.
Rand-Random
commented
2 years ago @gigi81 Maybe this PR is for you: https://github.com/Excel-DNA/ExcelDna/pull/431
The Add-in Loader fails to initialize due to ExcelDna.Integration.dll getting flagged as malware by Windows Defender
Issue does not affect previous versions of ExcelDna.
The problem started happening today with the latest Windows Defender updates. I have reported this to Microsoft as a false positive already, but this is likely going to bite other ExcelDNA users here!
See here for VirusTotal report: https://www.virustotal.com/gui/file/02f05760666bda9018b95e442486c504cb67f02f5603406be55effc6dbf5c592/details