Hi,
I just downloaded the current examples file from GitHub Aspose.Cells-for-Java-master.zip and Sophos Endpoint Agent flagged it as malicious (“CXweb/DocDI-BF detected”). It says manual cleanup required for the file InternationalMacroSheet.xlsm within the zip file above.
Is this a false positive or a real infection that got into the example code after you posted it publicly?
Thank you.
The file “InternationalMacroSheet.xlsm” has macros in it as I checked the file from its source repos. MS Excel prompts an error message about untrusted macros, you may confirm it by manually opening the file into MS Excel. Since the file has macros in it, so probably your Sophos Endpoint Agent thinks it has malicious code in it. Anyways, you can simply remove the file from the directory after you have downloaded the examples archive to your disk. You may even replace it with some other file (if needed). This file is being used in the Java example.
Thank you very much for the info, amjad.sahi. Should we be concerned about Aspose files becoming infected on Github? How does the company normallly protect these Github files from malicious bad actors?
Thanks again.
No, you need not be concerned about it. Aspose GitHub repositories are protected. Generally, we do not allow external (outside Aspose) actors to make commits in our repositories. Since the mentioned file has macros in it, which are supposed to be malicious code by Sophos. Anyways, we will further evaluate, double-check, and get back to you with new updates.
And generally we do not use template files that contain macros for our documents and demos if it is not necessary. If it is needed to use one, we are also concerned about the security and only use the macros which have no harmful code. For the mentioned sample in this post, it is just the one to demonstrate macro-related usages, so it is required to use one template file with macros.