Jump to content

XLN Installer Update Available


Larry Shelby

Recommended Posts

Bitdefender went nuts here with infected web resource alerts after I clicked to start update on XLN Online Installer. So I canceled the update.

The XLN installer itself updated without issue, but it was addictive Drums and Keys that needed application updates. And that is when the alerts started.

Will try again tomorrow... most likely a false positive, but ya never know... the disclosure of the exploit of the SolarWinds supply chain this week is still fresh in mind! Thousands of companies and federal agencies may have been unknowingly compromised, going back to earlier this year. I'm not a tin foil hatter, but just cautious! https://www.theverge.com/2020/12/15/22176053/solarwinds-hack-client-list-russia-orion-it-compromised

Bitdefender alert - infected web resource - XLN installer.PNG

Edited by abacab
  • Thanks 1
Link to comment
Share on other sites

hopefully they were legit !!! - I'll upload the dlls  to virustotal later to check. 

@abacab Was it just the 32 bit files that flagged ?

 

release notes are here;

https://www.xlnaudio.com/support/addictive-keys-1-3-0-december-15th-2020-

https://www.xlnaudio.com/support/addictive-drums-2-1-14-december-12th-2020-

Edited by simon
  • Like 1
Link to comment
Share on other sites

so yet another XLN installer update this morning (!)

 

I uploaded the 16 and 32bit dlls for AD1/2 and AK to virustotal - nothing found

I directly downloaded that file from cloudfront that you listed in your post - and again virustotal found nothing  - including bitdefender ?

The cloudfront file was the same file hash as the ones on my pc, so they haven't 'fixed' them since I downloaded yesterday.

always much better to be safe than sorry -  although I suspect that government agencies could get into any home network if they really wanted too......

(PS thanks for flagging!)

  • Thanks 1
Link to comment
Share on other sites

7 hours ago, simon said:

hopefully they were legit !!! - I'll upload the dlls  to virustotal later to check. 

@abacab Was it just the 32 bit files that flagged ?

It was just that first dll for Addictive Keys that got flagged 10 times before I cancelled. Apparently Bitdefender kept re-trying that one. Nothing got through.

Edited by abacab
Link to comment
Share on other sites

5 hours ago, simon said:

so yet another XLN installer update this morning (!)

 

I uploaded the 16 and 32bit dlls for AD1/2 and AK to virustotal - nothing found

I directly downloaded that file from cloudfront that you listed in your post - and again virustotal found nothing  - including bitdefender ?

The cloudfront file was the same file hash as the ones on my pc, so they haven't 'fixed' them since I downloaded yesterday.

always much better to be safe than sorry -  although I suspect that government agencies could get into any home network if they really wanted too......

(PS thanks for flagging!)

@simonThat was my Bitdefender web protection flagging it, not the file scanner.

As far as I understand it, the web protection is a "url" scanner, so it likely got hung up on that location of the file at "cloudfront.net". For some unknown reason it thought  malware may be lurking there, so it played it safe and blocked it. Probably a false positive.

Software managers download files outside of the browser. I have many active blacklists in my browser, so it won't connect to known malware sites. But a download manager bypasses the browser, leaving things up to other malware defenses as far as potentially malicious url's.

Thanks for checking!

FYI: ran the XLN installer again this morning and updated both products OK. No further alerts! All clear! ?

  • Thanks 1
Link to comment
Share on other sites

35 minutes ago, simon said:

it says "infected web resource"  on that specific file.   Cloudfront itself hasn't appeared on any blacklist

false positive....(I hope !)

Probably some funky aggressive heuristics in Bitdefender. I noticed it updated protection definitions late last night, after the alerts.

Also checked my firewall logs and the XLN installer connected to the same url this morning as the one it alerted on last night.

I have also scanned my system with Malwarebytes and HitmanPro. All clean...

Edited by abacab
  • Like 1
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...