Blazor-WASM Project - McAfee detects Trojan. False positive?

VAST · February 15, 2022, 4:40pm

Hello,

If get a brand new WASM project by using: x new blazor-wasm ProjectName

then set the Publish settings to Self-contained win-x64 the following two files are detected as trojans by McAfee Endpoint Security in the published folder:

wwwroot\_framework\System.Text.Json.dll (v6.0.121.56705 281KB)
wwwroot\_framework\System.Private.Runtime.InteropServices.JavaScript.dll (v6.0.121.56705 20.5KB)

Is this a false positive?

My nuget package source is: https://www.myget.org/F/servicestack

Thank you.

mythz · February 15, 2022, 4:49pm

These aren’t ServiceStack .dll’s included in any ServiceStack package, they’re core .NET .dll’s included in the default .NET install.

You can report this issue to the .NET team although I don’t expect they’ll be able to do much about it.

VAST · February 16, 2022, 8:15am

Hi @mythz,

I thought thought maybe the ServiceStack template was downloading a specific version that had this issue but I have just tried it with a plain Blazor WASM template and it has the same issue.

I will try to contact the .NET team but like you say, I won’t get my hopes up.

Thank you.