Bug 128127 - Windows Defender reports threat in file fdo49893-3.rtf
Summary: Windows Defender reports threat in file fdo49893-3.rtf
Status: RESOLVED NOTABUG
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Writer (show other bugs)
Version:
(earliest affected)
unspecified
Hardware: All All
: medium normal
Assignee: Not Assigned
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-10-13 23:04 UTC by Jesper Korsholm Brogaard
Modified: 2019-10-14 22:44 UTC (History)
1 user (show)

See Also:
Crash report or crash signature:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jesper Korsholm Brogaard 2019-10-13 23:04:05 UTC 
Description:
I have downloaded the source code to LibreOffice 6.3.3 (libreoffice-6.3.3.1.tar.xz) and extracted the files from the archive. 

Windows Defender reports Exploit:O97M/CVE-2010-3333.PA found in libreoffice-6.3.3.1\sw\qa\extras\rtfimport\data\fdo49893-3.rtf

About the exploit: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=Exploit:O97M/CVE-2010-3333.PA

Steps to Reproduce:
1. Download the source code from libreoffice.org
2. Extract the source code
3. Run Windows Defender and scan

Actual Results:
Windows Defender reports 

Expected Results:
Windows Defender reports Exploit:O97M/CVE-2010-3333.PA found in libreoffice-6.3.3.1\sw\qa\extras\rtfimport\data\fdo49893-3.rtf


Reproducible: Always


User Profile Reset: No



Additional Info:
Comment 1 raal 2019-10-14 18:41:23 UTC 
Hello, it's detected only by one antivirus: https://www.virustotal.com/gui/file/a73637b479b306648325901dda6e9b78d0876e17837a191cd69cc8525560ed65/detection

Please report it to microsoft
Comment 2 Jesper Korsholm Brogaard 2019-10-14 22:44:43 UTC 
Hello raal,

I didn't know virustotal.com, thank you for the link. I will report it to Microsoft as you recommend.

Kind regards,
Jesper