- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
We have recently started having an issue in my organization where exe's generated by Intel Fortran are being blocked by Windows Defender as security risks. All these exe's do is to read input data from text files, crunch numbers and print out the results to text or HDF files; usual Fortran stuff. Talking to our security folks, they say they haven't changed anything in their security policies and the problem is originating from Windows Defender. We are using Visual Studio 2019 as the IDE.
Has anybody been having similar issues? if so, any suggestions how to resolve the issue?
Thanks,
Jon
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It appears that Windows Defender is using a "White List". i.e. a list of approved programs.
You can (should be able to) configure Windows Defender to omit your output folder, or add your application to an approved list.
Control Panel\System and Security\Windows Defender Firewall\Allowed apps
Jim Dempsey
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I had similar problems with Symantec several years ago. I was able to submit my exe's to Symantec to be scanned, after which they were added to the white list. After 24-48 hours, when the new signature files were distributed to users, I was able to distribute the apps to other users.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What is more likely is that Defender is noticing that an EXE was just generated, which is a behavior seen in malware. That said, I use Defender on my systems and never see a problem here.
What specifically is Defender complaining about? Share a screenshot of its message.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Jim, Steve:
Our organization-wide security protocols are managed by our IT staff so I don't have control over modifying the white list. On my end, all I see is an "Access Denied" error even for a program as simple as Hello World. After many back-and-forth emails with IT staff, I was connected to the security group and they told me it is the Windows Defender blocking the exe's.
They will "whilelist" my entire account so that should solve my problem (I'll believe it when I see, though). The issue is that I share these exe's with other people from my organization so I am not sure if the IT is willing to give everybody a blanket security clearance.
I was just wondering if this is a common problem, but it appears it is not.
Thanks for the replies anyways.
Jon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I managed to find out what Windows Defender is complaining about. I never had such an issue up until about 10 days ago.
Jon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If I read this correctly (I had to look up "prevalence"), this rule triggers if you have an executable that not everybody has or something you just built and did not put in a directory that is left unwatched. Gosh, there are probably good reasons to do so, but that makes developing programs even more difficult than it already is.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
On a similar note, a recent IFORT .exe of mine was flagged by 7 of the 70 anti-virus programs actioned by www.virustotal.com . After considerable tweaking of compilation and linker options, I finally produced an equivalent IFORT .exe not flagged by any AV software.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
MikeWinsteps,
That's interesting! What flags did you manipulate to get the exe pass AV checks?
Jon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This really has nothing to do with Fortran or the compiler. Your IT staff has added a rule blocking executables that were recently created. My suggestion is to ask if they will whitelist your development folder. It would affect anyone building executables in any language.
There is nothing you can do otherwise, as it is not the content of the EXE that is being flagged but rather its age.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page