[clamav-users] Rogue definition Pdf.Exploit.CVE_2018_12798-6633682-0 causing a LOT of FP's

[lukn]

Same here. I agree this rule is causing too many FPs to remain active.
Therefore I ended up whitelisting this rule.


> I now only run in report mode and not delete mode

I don't understand the whish to leave the decision of data destruction
to a third party software. My system should follow my rules... and those
never include arbitrary data deletion as this can only end in tears.
Running any antivirus in delete mode is like playing Russian roulette.