Cedric Knight <[email protected]> wrote: > Hi > > I'm seeing BC.Exploit.CVE_2012_0184 hit a wide variety of attachments as > of 14:40 UTC this afternoon. Will submit a sample the usual way, but > wanted to warn that it just seems to be quite extensive. (also > possibly BC.Exploit.CVE_2012_0165). > > Anyone else seeing this?
Hello yes, we've seen a lot of BC.Exploit.CVE_2012_1847 as well as BC.Exploit.CVE_2012_0184 today on one of our servers. Clamscan quarantined a load of MS Word, MSI and Excel documents. However, it was our suspicion it's a false positive as two other AV scanners (Sophos and Avira) see these files as clean. Also, I put one of the files back on the server after the latest definitions were installed and it's still there, not been quarantined. Andrew -- Andrew Thompson [email protected] _________________________________________________________ This mail sent using V-webmail - http://www.v-webmail.org _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
