Hi Alain, I've just submitted a small selection of the files being tagged as infected.
Regards Mark > On 27 Aug 2015, at 11:09 am, Alain Zidouemba <azidoue...@sourcefire.com> > wrote: > > Al, > > I will be pulling the signature shortly. Could you please submit a few of > the file that are alerting here: http://www.clamav.net/report/report-fp.html > ? > > Thanks, > > - Alain > > On Wed, Aug 26, 2015 at 11:21 PM, Al Varnell <alvarn...@mac.com> wrote: > >> Two Mac users so far are reporting a flood of files identified as being >> infected with Php.Exploit.CVE_2015_2331. Most of those files are >> components of OS X and it’s Unix subsystem. >> >> Although I have verified that the signature is present in the current >> database, I am unable to locate in the clamav-virusdb e-mails I have, so it >> must have been in daily 20840 which I did not receive this afternoon. >> >> I urge you to whitelist this at your earliest convenience before permanent >> damage is suffered by users who mistakenly quarantine or delete these files. >> >> >> -Al- _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
