Bloodhound.Exploit.106 False Positive

On the heels of resolving the Bloodhound.Exploit.104 virus alert last night, I was greeted with a Bloodhound.Exploit.106 alert this morning When our file server was indexed by Sharepoint, the antivirus on the file server quarantined a word document. I believe this detection is a false positive.
Bloodhound.Exploit.106 is a heuristic detection for an Unspecified Vulnerability in Microsoft Word (as described in Microsoft Security Advisory 929433).
The URL I have used in the past to submit files no longer seems to be available. So I enabled the quarantine option to submit the file to Symantec. It was the first time I’ve used that method of submission. They say the reply time to reporting this false positive is two days. I hope it doesn’t take that long.

One Comment

Comments are closed.