You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After downloading the windows release cri-containerd-cni-1.7.11-windows-amd64.tar.gz the antivirus reports the files
.\cni\bin\sdnoverlay.exe
.\cni\bin\sdnbridge.exe
als malicious software. For double check, if the file was uploaded to www.virustotal.com, they say that 43 / 72 of their security vendors analysis complain this as malicious.
Screenshot:
As other example for a newer release, uploading windows relase cri-containerd-cni-1.7.14-windows-amd64.tar.gz to www.virustotal.com, this reports only on 5 / 72 of their security vendors analysis as malicious.
So is this a false positive and can be added to exclusions, or is this really malicious?
Description
After downloading the windows release cri-containerd-cni-1.7.11-windows-amd64.tar.gz the antivirus reports the files
.\cni\bin\sdnoverlay.exe
.\cni\bin\sdnbridge.exe
als malicious software. For double check, if the file was uploaded to www.virustotal.com, they say that 43 / 72 of their security vendors analysis complain this as malicious.
![image](https://private-user-images.githubusercontent.com/164083980/314224822-ee423f6b-58e8-4e2c-a1bf-576af5d2ee12.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTg5MzcyNDQsIm5iZiI6MTcxODkzNjk0NCwicGF0aCI6Ii8xNjQwODM5ODAvMzE0MjI0ODIyLWVlNDIzZjZiLTU4ZTgtNGUyYy1hMWJmLTU3NmFmNWQyZWUxMi5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjIxJTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYyMVQwMjI5MDRaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT04ZjYzMjk5YmVhMjU2NmM0ZDU0ODc1NzdjMDNkZDUxMmY2ZTc5MzA4ZDlkYTJjMjQ2OWYxMmE4ODI4YjRiMmRhJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.rjTfFvff1p4TKz2kJBQb58FiRJfhHpEXPk3PRC4fKsk)
Screenshot:
As other example for a newer release, uploading windows relase cri-containerd-cni-1.7.14-windows-amd64.tar.gz to www.virustotal.com, this reports only on 5 / 72 of their security vendors analysis as malicious.
So is this a false positive and can be added to exclusions, or is this really malicious?
Steps to reproduce the issue
Describe the results you received and expected
The result is, that the file was quarantined by antivirus software.
Expected behavior is, that antivirus software should not complain.
What version of containerd are you using?
1.7.11
Any other relevant information
No response
Show configuration if it is related to CRI plugin.
No response
The text was updated successfully, but these errors were encountered: