Closed Bug 1468067 Opened 2 years ago Closed 2 years ago

Firefox installer doesn't pass VirusTotal test

Categories

(Firefox :: Installer, defect)

60 Branch
Unspecified
Windows
defect
Not set

Tracking

()

RESOLVED INVALID

People

(Reporter: ilasa01, Unassigned)

References

Details

Attachments

(1 file)

Attached image Firefox_Installer.jpg
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36

Steps to reproduce:

Downloaded Firefox installer from https://download-installer.cdn.mozilla.net/pub/firefox/releases/60.0.2/win32/en-GB/Firefox%20Installer.exe



Actual results:

Uploaded the file in VirysTotal https://www.virustotal.com/#/home/upload
The file appears infected in 7zS.sfx


Expected results:

The file didn't pass Cylan and Antiy-AVL detection
Component: Untriaged → Installer
OS: Unspecified → Windows
This is a report URL:
https://www.virustotal.com/#/file/2c47201f53f76dd7469a591af273a79272ab80c668d76caec34b3be2b16842a7/detection

This is a false positive from 2 Antivirus engines. This is no bug in the installer or a something that Mozilla can change.
Thanks for reporting this. What you've got there is the correct official installer; you aren't being man-in-the-middle attacked and fed an infected one, and it isn't infected on our end either. These really are just standard false positives.

Cylance appears to be detecting anything that's been through UPX as unsafe. That's certainly a questionable thing to do, but it means that bug 1199754 would at least get rid of that particular detection. Antiy-AVL isn't doing that though, so I don't think there's any workaround available to us for it.

In any case, :Matti is right; this isn't our bug and we don't have a way to properly fix it.
Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Resolution: --- → INVALID
See Also: → 1199754
Packing Firefox installer with UPX is at least questionable
You need to log in before you can comment on or make changes to this bug.