Antivirus reports Adobe Acrobat Reader updates as virus

2»

All Replies


  • ans
    ans Posts: 2
    same usg110
  • ans
    ans Posts: 2
    usg110 and usq60
    1 B4 Wildcore.Virus.2a2412ce 635 54.51 %
    2 C6 Gen.Variant.Zusy.fcd0bf06 530 45.49 % 
  • kyssling
    kyssling Posts: 94  Ally Member
    This problem have USG 110 sooo long time ...
  • Sam_MTF
    Sam_MTF Posts: 1
    Does anyone have a solution to solve this problem.
    My USGs are flooding me of alerts
  • ZachWest
    ZachWest Posts: 1
    We are also having this problem.

    Virus infected SSI=N Type=Anti-Malware Signature Virus=Gen.Variant.Fugrafa.398dff27 File=AcroRdrDCUpd2100120150_incr.msp Protocol=HTTP

    ATP200
    v4.62
    Latest definitions as of 4/21

    I'm concerned that this may impact a legitimate download.  Adobe products are full of security problems in a normal basis.  I would rather be up to date on this.  But then again, is this a source code supply chain attack and there is a virus embedded in this code update? I would like to think not, but in this day in age you can't rule it out. 

    Can anyone from ZYXEL comment on this issue?
    @Zyxel_Can
  • Zyxel_Can
    Zyxel_Can Posts: 342  Zyxel Employee
    edited April 2021

    Hi @Przemek, @Ynnek, @KITNIIT, @mMontana, @trojan29, @jonatan, @FEL, @Bonnet, @Massimo_F, @ans, @kyssling, @Sam_MTF,

     

    For  AcroRdrDCUpd2100120149_incr.msp file that issue has been solved.

    Please update your Anti-Malware signature to latest version available.

    (Configuration > Licensing > Signature Update)


    Hi @ZachWest,

     

    What's the Anti-Malware signature version of your ATP200?

    (Configuration > Security Service > Anti-Malware > Signature Information)

     

    As far as we know, there’s no chain attack or vulnerability concern for current Acrobat Reader update.

     

    But as new updates for softwares release, it takes time to verify that update of software is clean and implement it to upcoming Anti-Malware signature version.

     

    So it’s always good idea to keep signatures up to date.

    (Configuration > Licensing > Signature Update > Action > Schedule)

  • jonatan
    jonatan Posts: 103  Ally Member
    edited June 2021
    The messages in the logs appear again:

    Virus infected Rule_id=52 SSI=N Virus=A Gen.Variant.MSILHeracles.0d319784 File=AcroRdrDCUpd2100520048_incr.msp Protocol=HTTP



  • Zyxel_Can
    Zyxel_Can Posts: 342  Zyxel Employee
    Hi @jonatan,

    Thank you for your feedback.

    This issue was solved. Please update your signatures.

Security Highlight