search

WikiTransformationProject / wikitraccs-releases

Releases, issues and discussions for WikiTraccs from the Wiki Transformation Project
https://www.wikitransformationproject.com
8 stars 0 forks source link

[Bug] Trend Micro V14.01.12033 treats / removes WikiTraccs.Console.exe as malware #71

Closed PretoPlasma closed 11 months ago

PretoPlasma commented 11 months ago

Is there an existing issue for this?

Current Behavior

When running WikiTraccs on a Windows Machine being secured by Trend Micro V14.01.12033, Trend Micro treats WikiTraccs.Console.exe as malware.

image

This happened one time during runtime of WikiTraccs. The process of the executable file was killed and the executable file was moved to quarantine. According to Trend Micro log the security threat was labeled as "unauthorized file encryption".

image image

Expected Behavior

The executable file should not treated as malware. It should not being stopped by security software.

WikiTraccs Version

v1.6.6

Confluence Version

Confluence 7 (up to 7.17)

Confluence Data Center?

Relevant log output or page storage format

No response

Anything else?

This is just to let you know about this behaviour. We have a workaround excluding WikiTraccs working directory from being watched by Trend Micro.

heinrich-ulbricht commented 11 months ago

@PretoPlasma Thank you for letting me know this. WikiTraccs is using code obfuscation to provide some level of disassembling protection. Looks like this triggers the alert :|

heinrich-ulbricht commented 11 months ago

Closing this as there is nothing I can think of that could be done here. Will monitor if more reports come in. Thanks again for the heads-up!