rtk-ai/rtk

Windows Defender flags v0.39.0 Windows asset as Trojan:Win32/Bearfoos.B!ml

Open

#1782 aperta il 8 mag 2026

Vedi su GitHub
 (1 commento) (1 reazione) (0 assegnatari)Rust (2914 fork)batch import
area:securitybughelp wantedplatform:windowspriority:high

Metriche repository

Star
 (48.085 star)
Metriche merge PR
 (Merge medio 11g 1h) (45 PR mergiate in 30 g)

Descrizione

Summary

Microsoft Defender Antivirus flags the official v0.39.0 Windows release asset as Trojan:Win32/Bearfoos.B!ml.

Affected asset

Defender detection

  • Detection: Trojan:Win32/Bearfoos.B!ml
  • Threat ID: 2147731849
  • Severity: Severe
  • Category: Trojan
  • Defender security intelligence: AV/AS/NIS 1.449.506.0
  • Engine: 1.1.26030.3008
  • Action: Quarantine
  • DidThreatExecute: False
  • First detection: 2026-05-08 03:26:34 local time
  • Process: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Affected local paths

  • C:\Users\Arthur A. Martins\.local\bin\rtk.exe
  • C:\Users\Arthur A. Martins\AppData\Local\Temp\rtk-18614f5410514dccac17eceb1d8b6902\rtk.exe

Notes

The local ZIP hash matches the official GitHub release asset digest, so this does not look like local tampering of the downloaded archive. Defender blocks the extracted executable when attempting to hash or inspect it.

I am also submitting the file/hash to Microsoft Security Intelligence as a likely false positive.

Related prior reports: #1633, #1749.

Guida contributor