We are March 20, 2023, around 4:00 PM ETC
So I downloaded and tried to install Adobe Reader. I made sure it was from the official website, as I already have a story with a third-party one. So it was no doubt from get.adobe.com. Halfway through installation, Windows Defender blocked it because it found the Wacatac B, a serious threat, attached to the .exe file. The affected file was rooted in: C:/PRogramData/Adobe/Temp/7682/installer.bin. It was deleted at that moment.
Just in case, I went back and double-checked my browsing history. And again, that was get.adobe.com.
Did that happen to anyone, how could this be?
I think the threat was blocked, but I'm running a full scan through my laptop at the moment, with Windows Defender again, and with Malware Bytes later. I will edit if further detail is found.
Did you update the antivirus definitions before retrying? False positives are often fixed quickly. Or you may need to report it - no good reporting it to Adobe, it's your antivirus makers who have to fix it.
Thanks for your answer. Yes, I had everything up to date and double-checked afterward. I don't feel confident downloading this file again and retrying, though, until I understand what happened.
And yes, I read about false positives.
I'm including the pictures that I took at the moment. Sometimes I wonder if my cursor drifted to a third-party website unknowingly. Have no idea what a blob is.
A "blob" is basically a file. This is fine, since you're downloading from the adobe.com domain.
It's most likely a false positive by Windows Defender.
Clearly there is a problem.
Same detection on my computer.
That virus is serious. The good news is I haven't noticed any breach to my accounts so far, it has been 3 days. So Windows Defender did prevent the worst.
Exact same problem here.
Not installing Acrobat Reader until this issue will be explained by Adobe.
same situation, 27/03/2023, 2 AM.
I can survive without the reader from adobe. Some risks are not worth taking.
I dont really care if its a false positive or not. Both big companies, sort it out between yourselves. Until that, lost clients.
Hope you are doing well, and thanks for reporting this issue. I will get it checked internally with our team.
Please remove the application using the Acrobat cleaner tool https://www.adobe.com/devnet-docs/acrobatetk/tools/Labs/cleaner.html , reboot the computer once, and reinstall the application using the direct link https://get.adobe.com/reader/enterprise/ and see if that helps.
Let us know if you experience any trouble and need more help.
We had the same issue. Adobe does not seem to think the problem is on their end, despite several isolated cases with the same problem. I am also using Defender for Endpoint and it was also labeled as 'Wacatac.'
This issue is known to our engineering team and is being worked upon.
We will share more details as soon as we get any updates.