[clamav-users] Rogue definition Pdf.Exploit.CVE_2018_12798-6633682-0 causing a LOT of FP's
Groach
groachmail-stopspammingme at yahoo.com
Wed Aug 15 07:06:40 UTC 2018
On 15/08/2018 08:00, Groach wrote:
> Could you detail how to whitelist the offending rule please? (I fear
> it will be some time, or never, before this rule gets rectified
> officially).
>
Dont matter. I found the method in the FAQs but its not necessary. It
seems the signatures has been dropped. I didnt get the FPs after last
night.
>
> On 14/08/2018 22:40, lukn wrote:
>> Same here. I agree this rule is causing too many FPs to remain active.
>> Therefore I ended up whitelisting this rule.
>>
>>
>>> I now only run in report mode and not delete mode
>> I don't understand the whish to leave the decision of data destruction
>> to a third party software. My system should follow my rules... and those
>> never include arbitrary data deletion as this can only end in tears.
>> Running any antivirus in delete mode is like playing Russian roulette.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20180815/54964505/attachment.htm>
More information about the clamav-users
mailing list