Subject: Re: [boost] TROJAN INFECTION boost 1.67 binaries for Windows x64 MSVC 14.1
From: Paul A. Bristow (pbristow_at_[hidden])
Date: 2018-07-27 08:19:00
> -----Original Message-----
> From: Boost [mailto:boost-bounces_at_[hidden]] On Behalf Of Zipper Fish via Boost
> Sent: 27 July 2018 02:55
> To: boost_at_[hidden]
> Cc: Zipper Fish
> Subject: Re: [boost] TROJAN INFECTION boost 1.67 binaries for Windows x64 MSVC 14.1
> Thank you
> Ok, I'll whitelist the file "boost_1_67_0-msvc-14.1-64.exe" with some
> trepidation and try installing.
> I normally do search archives and Google extensively for code issues, but
> for a positive hit from the a virus detector, it wasn't the first idea that
> popped into my head.
> Just curious, why would a boost installer trigger virus detectors? Is the
> virus executable linked to a boost library?
> On Thu, Jul 26, 2018 at 6:41 PM, Mateusz Loskot via Boost <
> boost_at_[hidden]> wrote:
> > Read this thread
> > https://lists.boost.org/Archives/boost/2018/05/242200.php
> > It's always a good idea to search through the list archives first.
> > Mateusz Loskot, mateusz_at_[hidden]
> > (Sent from mobile)
> > On Fri, 27 Jul 2018, 00:08 Zipper Fish via Boost, <boost_at_[hidden]>
> > wrote:
> > > Dear boost developers and/or release managers:
> > >
> > > Today I downloaded boost_1_67_0-msvc-14.1-64.exe from the Windows
> > binaries
> > > downloads page:
> > > https://dl.bintray.com/boostorg/release/1.67.0/binaries/
> > >
> > > The file contains a Trojan, according to Windows Defender.
> > >
> > > Screenshot:
> > >
> > > https://usercontent.irccloud-cdn.com/file/Uy6o19AC/2018-07-
> > 26%2016_29_52-Windows%20Defender%20Security%20Center.jpg
You could download and unzip the zipped version instead if that makes you feel better?
My experience is that several virus checkers intermittently but persistently find false positives in Boost libraries that I
re-build; I have been reduced to placing then in a separate partition which is not virus checked.
(Since Microsoft use Boost internally, I am puzzled why this issue hasn't caused some liaison between the C++ users and the Defender
--- Paul A. Bristow Prizet Farmhouse Kendal UK LA8 8AB +44 (0) 1539 561830
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk