This ticket is opened as Nuxeo Drive 5.2.4 is now detected as a Trojan by MS Defender AV while it was not the case of previous versions.
There have been reports of 2 different threats by MSAV:
- Trojan Wacatac.B!ml
Notice that these threats are reported based on behavior, not as static analysis.
How to reproduce:
- configure Drive 5.2.4 with an account on a server and leave start on boot checked
- have some actions on the server such as synchronizing a folder
- reboot the client-side and wait for Drive to start
- have some actions on the server such as adding or removing files from the synchronized folder
=> Nuxeo Drive is then silently removed from the client-side by MS Defender Anti Virus and the csymptm for the user is that the piece of software vanished.
You can retrieve the notification in the Microsoft Security Center in the protection history.