Exploit-CVE-2010-2738 in Ermine updates?

[DoghouseReilley]

TL,DR: Multiple versions of the update.zip for the Pocket Edge are being flagged by McAfee Stinger as having a virus.
Well met, strangers. I bought an enTourage Pocket eDGe Dualbook off Woot recently, and while I'm waiting for it to show up in the mail (shipping to APO takes forever sometimes) I've been downloading updates and reading about all the tinkering you've done.
Now for the hook: I ran some virus scans this morning, and when McAfee Stinger (version 10.1.0.1629, 27 May 2011 virus definitions) reached the folder I've downloaded my Edge updates into it came up with warnings. The problem appears to be a TrueType font (rursuscompactmono_2.ttf) which is in multiple updates and is susceptible to exploits. Stinger claims it's infected with a virus called Exploit-CVE-2010-2738. Frankly I don't know what to make of this, since I doubt Android has the same vulnerabilities, but this seems like something which the good people of Mobilereads should be aware of.
The file in question appears in these archives & paths:

ermine-1.01.002.zip\system2.zip\EsiDictionary.apk\rursusc ompactmono_2.ttf

p-update.zip.ermine-0.9.zip\system2.zip\EsiDictionary.apk\rursuscompac tmono_2.ttf

PocketEdge_updates_by_Mark_Rehorst.zip\update.zip. ermine-0.9.PE\system2.zip\EsiDictionary.apk\rursuscompact mono_2.ttf

update.zip\system2.zip\EsiDictionary.apk\rursuscom pactmono_2.ttf

[emusan]

Quote:

Originally Posted by DoghouseReilley

McAfee Stinger

There's your problem, McAfee gives more false positives than pretty much any other antivirus out there.

[ivanjt]

Quote:

Originally Posted by emusan

There's your problem, McAfee gives more false positives than pretty much any other antivirus out there.

How true. At one stage we were thinking of charging extra every time someone brought in a notebook complaining the McAfee AV said they hab a virus and could we clean it up. The other thing is that it also seems to miss several as well.

[Filark]

Darn! I get McAfee free and thought it was working well for me. Guess I'll have to rethink.

Welcome to MobileRead, Doghouse!

[emusan]

I have never once paid for computer security, there are many free options out there for both the incredibly geeky and non-geeky alike, if you would like some recommendations I can give you some...

[DoghouseReilley]

Thanks for the welcome. Re: AV solutions, I switched over to MS Security Essentials for my main desktop a few months ago, but I run portable and online virus scans from various providers now and again since every program seems to have slightly different blind spots and this was such an occasion.
Back to OP topic, I shall proceed on the assumption that it's nothing to worry about, and my conscience is salved by knowing I at least pointed it out to the community.
In the meantime, still waiting for the Edge to show up in the mail. (Probably another two weeks, given previous experience with Woot shipping.)

[muranternet]

FYI I haven't seen any alerts from Kapersky, Malwarebytes or Avast. I can't speak to AVG since I stopped using it a year ago. McAfee does throw a lot of false positives. IMHO it's second only to Trend Micro in false positives/missed actual malware.

[ivanjt]

Another thing you have to consider, it is being flagged as a windows virus - it runs on windows. The PE uses Android - based on linux - therefore, even if there is a virus, not very likely, it won't work anyway.

I#ve had a look at those files and there appears to nothing untoward in them - at least on the download I have.

[obsessed2]

I downloaded both the EE and PE Ermine updates which got a clean bill of health from Norton.

[kennyminot]

I've been using AVAST now seemingly since the beginning of time. I like that a sultry woman's voice tells me when my virus files have been updated. Makes me feel like a stud.

[emusan]

Quote:

Originally Posted by kennyminot

I've been using AVAST now seemingly since the beginning of time. I like that a sultry woman's voice tells me when my virus files have been updated. Makes me feel like a stud.

I used to use avast a lot, but around two years ago I stopped as it seemed to become more and more bloated without really finding a lot of stuff(I do some testing of viruses and antiviruses in VM's for fun). I've since moved to MSE with Comodo Defense+(for heuristics) and firewall, and sandboxie(best protection ever if you know how to use it imho).

[DoghouseReilley]

Quote:

Originally Posted by ivanjt

Another thing you have to consider, it is being flagged as a windows virus - it runs on windows. The PE uses Android - based on linux - therefore, even if there is a virus, not very likely, it won't work anyway.

That is my default assumption as well. As I mentioned, I didn't think this was an issue that would actually affect Android devices, but wanted to see what the forum thought about it.
A Woot shirt for my wife which I ordered on the 11th of June arrived yesterday... so the wait will probably be another two weeks minimum. In the meantime I amuse myself by designing cases for it on Gelaskins.