Threat detected in NSX Edge Bare Metal ISO files.
search cancel

Threat detected in NSX Edge Bare Metal ISO files.

book

Article ID: 427965

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

A security scan (Windows Defender) reported a potential threat Exploit:Win32/Pdfjsc.ALR within the nsx-edge-3.2.5.2.0.24943757.iso image. 

Environment

VMware NSX-T Data Center
VMware NSX

Cause

The flagged files (js_detector.py and its compiled bytecode js_detector.pyc) are part of an embedded security component (Lastline RAPID) within the nsx-edge image. These artifacts are detectors designed to extract JavaScript from PDF/XML content and identify potentially malicious scripts. Because the code handles patterns commonly associated with exploit techniques, antivirus engines can mistakenly classify it as exploit-related.

Resolution

Contact Microsoft and provide this KB information for confirmation.

Powered by Wolken Software