Chrome blocks installation claiming .msi file is malicious.
Steps to reproduce:
1. Open LibreOffice
2. Click download icon in top right of splash page (hovering indicates: "LibreOffice Update available, Click the icon for more information,."
3. Window opened: "LibreOffice 4.2.4 is available. The installed version is LibreOffice 126.96.36.199." Click Download button.
4. Web page opened: http://www.libreoffice.org/download/libreoffice-fresh/?type=win-x86&lang=en-US&version=4.2.4
5. Click green button: "Download version 4.2.4"
6. Donation invitation page opened: http://donate.libreoffice.org/home/dl/win-x86/4.2.4/en-US/LibreOffice_4.2.4_Win_x86.msi
7. In bottom left corner, info box appears: "LibreOffice_4.2.4_Wi....msi <XX changes progressively> MB, <XX likewise> mins left.
8. In bottom left corner, message appears: "LibreOfficew_4.2.4_Wi....msi is malicious and Chrome has blocked it."
9. Checking Chrome's customise icon > Downloads provides list of downloads topped by: "LibreOffice_4.2.4_Win_x86.msi is malicious and Chrome has blocked it."
QUESTION: is the Chrome warning indicating a genuine problem with the installation of 4.2.4, or do I need to find out how to adjust Chrome's security settings?
Operating System: Windows 7
Version: 188.8.131.52 rc
Last worked in: 184.108.40.206 release
try 220.127.116.11 final released today
*** Bug 78553 has been marked as a duplicate of this bug. ***
Put it at New since there's a dup
so it seems Chrome doesn't block *installation* but rather *download* of the LibO install package.
the duplicate is moreover about 18.104.22.168 release so it seems it's a more general issue towards any LibO install package.
question now is: which side is the bug? problem inside LibO package or Google Chrome false positive?
setting to critical, since if people can't download LO via the most popular browser, is is very critical indeed.
I can verify that Chrome (Version 34.0.1847.131 m) on Windows 7, marks all three available released versions currently availably from https://www.libreoffice.org/download/libreoffice-stable/#change as malicios, and is blocking them.
NOTOURBUG candidate, but if every future download will be marked as malicious then TDF has problem with Google.
CCing QA people to take action if possible or escalate to ESC as this is not the first report about it.
(In reply to comment #7)
> NOTOURBUG candidate, but if every future download will be marked as
> malicious then TDF has problem with Google.
> CCing QA people to take action if possible or escalate to ESC as this is not
> the first report about it.
We file whitelist requests with Symantec for our binaries, but for other such systems there's not always a way to request a whitelisting. If you're unsure about the validity of a TDF binary, please do check the signature to verify it's genuine, as we do sign all of our installers.
Resolving -> NOTOURBUG
Migrating Whiteboard tags to Keywords: (possibleRegression)