Fortran compiler generated exe's are being blocked by Windows Defender

Jon_D · ‎05-22-2023

Hello,

We have recently started having an issue in my organization where exe's generated by Intel Fortran are being blocked by Windows Defender as security risks. All these exe's do is to read input data from text files, crunch numbers and print out the results to text or HDF files; usual Fortran stuff. Talking to our security folks, they say they haven't changed anything in their security policies and the problem is originating from Windows Defender. We are using Visual Studio 2019 as the IDE.

Has anybody been having similar issues? if so, any suggestions how to resolve the issue?

Thanks,

Jon

jimdempseyatthecove · ‎05-22-2023

It appears that Windows Defender is using a "White List". i.e. a list of approved programs.

You can (should be able to) configure Windows Defender to omit your output folder, or add your application to an approved list.

Control Panel\System and Security\Windows Defender Firewall\Allowed apps

Jim Dempsey

DavidWhite · ‎05-23-2023

I had similar problems with Symantec several years ago. I was able to submit my exe's to Symantec to be scanned, after which they were added to the white list. After 24-48 hours, when the new signature files were distributed to users, I was able to distribute the apps to other users.

Steve_Lionel · ‎05-22-2023

What is more likely is that Defender is noticing that an EXE was just generated, which is a behavior seen in malware. That said, I use Defender on my systems and never see a problem here.

What specifically is Defender complaining about? Share a screenshot of its message.

Jon_D · ‎05-22-2023

Jim, Steve:

Our organization-wide security protocols are managed by our IT staff so I don't have control over modifying the white list. On my end, all I see is an "Access Denied" error even for a program as simple as Hello World. After many back-and-forth emails with IT staff, I was connected to the security group and they told me it is the Windows Defender blocking the exe's.

They will "whilelist" my entire account so that should solve my problem (I'll believe it when I see, though). The issue is that I share these exe's with other people from my organization so I am not sure if the IT is willing to give everybody a blanket security clearance.

I was just wondering if this is a common problem, but it appears it is not.

Thanks for the replies anyways.

Jon

Jon_D · ‎05-22-2023

I managed to find out what Windows Defender is complaining about. I never had such an issue up until about 10 days ago.

Jon

Arjen_Markus · ‎05-22-2023

If I read this correctly (I had to look up "prevalence"), this rule triggers if you have an executable that not everybody has or something you just built and did not put in a directory that is left unwatched. Gosh, there are probably good reasons to do so, but that makes developing programs even more difficult than it already is.

MikeWinsteps · ‎05-23-2023

On a similar note, a recent IFORT .exe of mine was flagged by 7 of the 70 anti-virus programs actioned by www.virustotal.com . After considerable tweaking of compilation and linker options, I finally produced an equivalent IFORT .exe not flagged by any AV software.

Jon_D · ‎05-23-2023

MikeWinsteps,

That's interesting! What flags did you manipulate to get the exe pass AV checks?

Jon

Steve_Lionel · ‎05-23-2023

This really has nothing to do with Fortran or the compiler. Your IT staff has added a rule blocking executables that were recently created. My suggestion is to ask if they will whitelist your development folder. It would affect anyone building executables in any language.

There is nothing you can do otherwise, as it is not the content of the EXE that is being flagged but rather its age.