On Wed, 13 Sep 2017, lukn wrote: >Hello List > >Same here, I do see FPs with >BC.Win.Exploit.CVE_2017_11244-6335828-0 >hitting legitimate corporate files (so no submission possible from me >either).
We saw BC.Win.Exploit.CVE_2017_11244-6335828-0 hitting a *.docx attachment in an outbound e-mail from one of our users. That was probably a FP too. I didn't see the attachment myself so I'm not sure that it was a FP. I asked the user if the file was confidential and if I could get a copy of the file for inspection and submission of a FP-report. He didn't answer yet. Regards, Kees Theunissen. -- Kees Theunissen, System and network manager, Tel: +31 (0)40-3334724 Dutch Institute For Fundamental Energy Research (DIFFER) e-mail address: c.j.theunis...@differ.nl postal address: PO Box 6336, 5600 HH, Eindhoven, the Netherlands visitors address: De Zaale 20, 5612 AJ, Eindhoven, the Netherlands _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml