Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: CA Apologizes for False Positive - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
CA Apologizes for False Positive

One of our readers, Melvin, was kind enough to send us a heads up on an issue with CA DAT files.   The site refers to a "false positive" detection for Win32/Amalum for detections via Microsoft Windows Service Pack 3 and commercial application, Cygwin.  The files are quarantined and the file is appended with the extension "*.AVB".  The files will still be intact and organizations running ISS should restore files from the GUI.  For those using ITM, a search tool is available from CA support upon request. 

Please update your signatures to DAT 6606 to ensure protection from the false positive.  Here is a link to the CA statement. 

Mari Nichols

Mari Nichols

76 Posts
Jul 12th 2009

Sign Up for Free or Log In to start participating in the conversation!