Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

CA Apologizes for False Positive

Published: 2009-07-12
Last Updated: 2009-07-12 16:51:14 UTC
by Mari Nichols (Version: 1)
0 comment(s)

One of our readers, Melvin, was kind enough to send us a heads up on an issue with CA DAT files.   The site refers to a "false positive" detection for Win32/Amalum for detections via Microsoft Windows Service Pack 3 and commercial application, Cygwin.  The files are quarantined and the file is appended with the extension "*.AVB".  The files will still be intact and organizations running ISS should restore files from the GUI.  For those using ITM, a search tool is available from CA support upon request. 

Please update your signatures to DAT 6606 to ensure protection from the false positive.  Here is a link to the CA statement. 

Mari Nichols

iMarSolutions.com

0 comment(s)
Diary Archives