Security

No, your BlueJeans conference system isn't malware: Here's the real issue

Antivirus programs have been falsely labelling BlueJeans as malware, but there's an easy fix.

For the past month, antivirus software has been flagging conferencing application BlueJeans as malware, The Register reported. Some 27 security programs, including Trend Micro, McAfee, and Avast, were marking the application as malicious, according to a VirusTotal scan.

But BlueJeans hasn't been infected with malware: Instead, the antivirus alarms went off due to a cryptographically unsigned library, that has since been replaced in an update, BlueJeans CTO Alagu Periyannan told The Register.

"The entire executable is signed by BlueJeans. However, one of the libraries of the app was not signed," Periyannan said. "We have signed that one library and now the virus scanners no longer generate a false positive."

SEE: Security awareness and training policy (Tech Pro Research)

Trend Micro confirmed to The Register that it was indeed a false positive.

"Upon analysis, it appears our automation triggered the initial detection based on some existing rules, and upon further review we found it to be non-malicious," a Trend Micro spokesperson told The Register. "We are working to refine the rules to account for this type of file in the future."

To fix the issue, all a BlueJeans user has to do is update the software to version 2.6, the report noted. Many customers have already seen the fix, which was automatically rolled out in June.

This issue highlights the need for developers of business tools to ensure they meet all security standards, and aren't missing any certificates or unsigned libraries that could lead to a problem like this. This is especially important for vendors, who don't want to lose customer trust. For business users, this is a reminder to keep all systems up to date to avoid security problems.

The big takeaways for tech leaders:

  • For the past month, 27 different antivirus programs were falsely marking the BlueJeans conference application as malicious.
  • The issue was due to a cryptographically unsigned library, that has since been replaced in an update. Users should update their software immediately.

Also see

istock-686181752-1.jpg
Image: iStockphoto/grapestock

About Alison DeNisco Rayome

Alison DeNisco Rayome is a Staff Writer for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.

Editor's Picks

Free Newsletters, In your Inbox