Win.Exploit.CVE_2016_3316-1

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
MIS
Posts: 3
Joined: Sat Sep 13, 2014 3:27 am

Win.Exploit.CVE_2016_3316-1

Postby MIS » Wed Aug 10, 2016 5:03 pm

All emails with any .doc files attached are being quarantined as viruses due to Win.Exploit.CVE_2016_3316-1. I've already run Windows Updates on all internal machines and the versions of Office we run are not even affected by the vulnerability. Even .doc files created with our Office versions are being blocked. What is the correct way to whitelist an antivirus signature (preferably per IP or domain)? Zimbra Version: 8.7.0_GA_1659.FOSS


Uma Shankar
Zimbra Employee
Zimbra Employee
Posts: 40
Joined: Wed Jun 01, 2016 5:01 am

Re: Win.Exploit.CVE_2016_3316-1

Postby Uma Shankar » Thu Aug 11, 2016 4:16 am

MIS wrote:All emails with any .doc files attached are being quarantined as viruses due to Win.Exploit.CVE_2016_3316-1. I've already run Windows Updates on all internal machines and the versions of Office we run are not even affected by the vulnerability. Even .doc files created with our Office versions are being blocked. What is the correct way to whitelist an antivirus signature (preferably per IP or domain)? Zimbra Version: 8.7.0_GA_1659.FOSS


Hi,

This is happening due to an update by Clamav signature database. Please read here http://lists.clamav.net/pipermail/clama ... 03237.html
I think an freshclam update will resolve the issue.
Please check here when was the last update done /opt/zimbra/log/freshclam.log

Regards,
Uma Shankar

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 16 guests