Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
774
Views
0
Helpful
2
Replies

Trojan in Jabber 11.1.2

charlesiancabico
Level 1
Level 1

‎12-01-2015 11:03 PM - edited ‎03-17-2019 05:42 PM

Does anyone get a trojan warning when opening the jabber11.1.2 installer from cisco's download page.

My McAfee seems to detect an Artemis Trojan on the CiscoJabberSetup.msi.

Attached image shows mcafee alert for the jabber installer.

1 person had this problem
Labels:
Preview file
119 KB
0 Helpful
2 Replies 2

Manish Gogna
Cisco Employee
Cisco Employee

‎12-02-2015 12:46 AM

Hi,

I do not see any such reported cases , it is most likely something on the PC. You may try downloading from a different PC and see how it goes.

Manish

- Do rate helpful posts -

0 Helpful

Ruben Trujillo
Level 4
Level 4
In response to Manish Gogna

‎05-03-2016 02:07 PM

My company has experienced this issue for the last few Jabber upgrades.  McAfee sees a file as an Artemis Trojan and deletes it.  This has happened when users upgraded from 10.6.4 to 11.0.x, 11.1.x, 11.5.x and most recently 11.6.  For the latter version the file "Binary.NewBinary26" was deleted from several directories on a user's machine.  For example, c:\Windows\Installer\a519858.msi\Binary.NewBinary26. 

The deletion of this file then causes issues for the user when they attempt to upgrade to the next version.  Because this file is missing the upgrade fails and the user is prompted informing him that the file is missing from a particular directory.  The workaround that we've been using is to place the installer for the older version that's installed into said directory.  This usually works but not for all users.  When it doesn't Jabber must be completely removed, including in the registry.  This is all very time consuming and a bad user experience.  According to our IT Security department Cisco should share the Jabber installer with McAfee before every new release to ensure they add the files to their trusted file database and validate them against all new DAT releases.  Is  Cisco currently doing this?  If not, then please start doing this as soon as possible to avoid this issue in the future.   

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents