New (?) Variant on Flare as Malware (Sophos Endpoint)

This forum is for all Flare issues not related to any of the other categories.
Post Reply
RStreets
Propeller Head
Posts: 63
Joined: Wed Apr 19, 2017 8:37 am
Location: Cambridge, UK

New (?) Variant on Flare as Malware (Sophos Endpoint)

Post by RStreets »

Just in case anyone else encounters a similar situation...

My setup: running Flare 2021 r2 and publishing to Central.

I had a new project I wanted to publish. So I clicked the Upload this project to MadCap Central button on the MadCap Central pane. Almost immediately I got a message about Sophos detecting ransomware in the Flare app. Flare had stopped running the build + publish I'd launched and would not reload.

A quick discussion with the IT folk here (who could only see a message about Sophos detecting that files were being encrypted) and we decided that the first thing to try was rebooting and upgrading to the latest version of Flare. Fortunately this worked.

Things to note:
1. I'd been happily publishing to existing projects on Central (I always publish from my local machine out to Central, not building from the Central interface). It was only creating a new project that tripped the malware scan.
2. Damage:
  • * The .flprj file for the affected project was corrupted, but easily replaced.
    * There is an undeletable (by me) empty(?) project sitting on Central that cannot be used.
No permanent harm done. I'd been planning on upgrading to Flare 2022 after finishing a batch of updates rather than mid-project and I don't like being bumped into an upgrade unexpectedly.
Rae Streets (Flare user since 2017, now on Flare 2023; Central user from 2020)
Post Reply