On Fri, Jun 22, 2018 at 2:45 PM, Good Guy via Boost-users < boost-users@lists.boost.org> wrote:
On 08/06/2018 22:33, Trung Tran via Boost-users wrote:
From https://dl.bintray.com/boostorg/release/1.67.0/binaries/ boost_1_67_0-msvc-14.1-64.exe I got windows defender warning on Trojan:Win32/Vigorf.A Total virus report the same on the same file. https://www.virustotal.com/#/file/402d07022fe9671e401efc4e90 a1ff25e1bc9e1c23b3d8b1c65e4a2e6799abfc/detection
The link is provided on Boost's official download page < https://www.boost.org/users/download/> so you have to take it on trust.
Please don't take it on trust. If you get a warning for the binaries, check the hashes, then check the signature on the hashes! Boost (esp the binaries) would be an ideal target for a malicious actor to hack and make changes to that then get built into everybody's code. However, this type of attack definitely wouldn't trigger virus scanners, so I'm not worried about these reports (and since others previously in the thread have verified the checksums match). Tom