netbootxyz / netboot.xyz

Your favorite operating systems in one place. A network-based bootable operating system installer based on iPXE.
https://netboot.xyz
Apache License 2.0
9.39k stars, 690 forks

netboot.xyz.iso triggers Windows Defender for [Trojan:Script/Wacatac.H!ml] #1162

Closed. runbgp closed this issue 2 years ago.

runbgp commented 2 years ago

https://boot.netboot.xyz/ipxe/netboot.xyz.iso

Downloading the above ISO triggers Windows Defender malware detection causing the download to be blocked and removed.


webfile: C:\Users\runbgp\Downloads\netboot.xyz.iso|https://boot.netboot.xyz/ipxe/netboot.xyz.iso|pid:1908,ProcessStart:133100606421088571

antonym commented 2 years ago

More than likely it’s a false positive, as I’ve seen in the past (https://github.com/netbootxyz/netboot.xyz/issues/781). Make sure you have the latest Defender and post your info for the definition files here so we can track.

runbgp commented 2 years ago

Agreed - certainly a false positive. I was able to isolate it to this specific security intelligence version shown in the screenshot below. After updating just now to 1.377.123.0 it's no longer detecting a false positive.

[screenshot]

antonym commented 2 years ago

Thanks for the update!

voltagex commented 1 year ago

[screenshots]

voltagex commented 1 year ago

I have submitted this as a false positive to Microsoft.

https://www.microsoft.com/en-us/wdsi/submission/4a5b8b98-b5ff-4d5d-8fc3-55b6c98c951b

voltagex commented 1 year ago

Looks like it's only the 1.399.129.0 definitions that were flagging it. Comes up clean on VirusTotal too.

https://www.virustotal.com/gui/file/4fee0b1b97e601600c3ea97e0c9362ff15498720218373aa4ed6b98957c246a2/behavior
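A triage script a defender might run on the affected machine before re-downloading the ISO or submitting a false-positive report, added here as an example; it is not code from the netboot.xyz project or from any participant in this thread. It collects the Defender definition and engine versions the maintainer asked reporters to post, lists any Defender detection record that names the ISO (joined to its threat name, such as Trojan:Script/Wacatac.H!ml), and compares the file's SHA-256 with an expected value. Assumptions: the ISO was saved to the default Downloads folder, the Defender PowerShell module is present (Get-MpComputerStatus, Get-MpThreat, Get-MpThreatDetection, Get-FileHash), and the expected hash is supplied by you from the checksum file the project is assumed to publish alongside the ISO. The default value in the script is the SHA-256 from voltagex's VirusTotal link above and is only a placeholder; it will not match a different release of the ISO.

```powershell
# Added triage example (not part of netboot.xyz): record the Defender
# definition version, find any detection that names the ISO, and verify
# the file's SHA-256 against a known-good value.
param(
    # Assumption: the ISO was saved to the default Downloads folder.
    [string]$IsoPath = "$env:USERPROFILE\Downloads\netboot.xyz.iso",
    # Placeholder taken from the VirusTotal link in the thread; replace it
    # with the SHA-256 the project publishes for the release you downloaded.
    [string]$ExpectedSha256 = "4fee0b1b97e601600c3ea97e0c9362ff15498720218373aa4ed6b98957c246a2"
)

# 1. Security intelligence (definition) and engine versions: this is the
#    information the maintainer asked reporters to post on the issue.
$status = Get-MpComputerStatus
[pscustomobject]@{
    SignatureVersion = $status.AntivirusSignatureVersion
    SignatureUpdated = $status.AntivirusSignatureLastUpdated
    EngineVersion    = $status.AMEngineVersion
    PlatformVersion  = $status.AMProductVersion
} | Format-List

# 2. Detection records that reference the ISO, with the threat name
#    looked up from Get-MpThreat by ThreatID.
$threatNames = @{}
Get-MpThreat | ForEach-Object { $threatNames[$_.ThreatID] = $_.ThreatName }
$leaf = [regex]::Escape((Split-Path -Path $IsoPath -Leaf))
Get-MpThreatDetection |
    Where-Object { $_.Resources -match $leaf } |
    ForEach-Object {
        [pscustomobject]@{
            Detected   = $_.InitialDetectionTime
            ThreatName = $threatNames[$_.ThreatID]
            Resources  = ($_.Resources -join '; ')
            Process    = $_.ProcessName
        }
    } | Format-List

# 3. Integrity check. Defender may already have removed the file; if it is
#    still there, a hash mismatch means the download should not be trusted
#    regardless of whether the detection was a false positive.
if (Test-Path -Path $IsoPath) {
    $actual = (Get-FileHash -Path $IsoPath -Algorithm SHA256).Hash
    if ($actual -ieq $ExpectedSha256) {
        Write-Host "SHA-256 matches the expected value: $actual"
    } else {
        Write-Warning "SHA-256 mismatch: expected $ExpectedSha256, got $actual"
    }
} else {
    Write-Warning "ISO not found at $IsoPath (Defender may have quarantined or deleted it)"
}
```

Run it from an elevated PowerShell session after `Update-MpSignature`, then run it again: if the detection disappears with a newer definition version and the hash matches the published checksum, you have the same evidence the thread relies on (definition version plus an independent hash) to file the report.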