Possible SCRDL Exploit — Jetpack

Could you paste the full error message. A screenshot would be helpful as well.

I’m almost sure this is a false positive, but we’ll look into it if you can provide the full error.

Thanks for letting us know.

Thanks Michael.

See below.

billb

Possible SCRDL 1.gif

Possible SCRDL 2.gif

Possible SCRDL.pdf

I tried hard to reproduce this problem, but couldn’t manage.

I have Windows 7 and IE9. I downloaded the free trial of Trend Micro? Titanium? Maximum Security 2012.

I let Trend Micro update itself, then loaded a Jetpack blog’s stats page, which was the only place I could see load-scripts anywhere (though it’s load-scripts.php not load-scripts.js). I got no warning. I then ran a full scan from within Trend Micro and it found nothing.

I’m pretty sure this is a false positive on Trend Micro’s part, but without being able to reproduce the problem, my only suggestion is to contact Trend Micro and see what they have to say.

Hi there
is there any updates regarding this issue?
no problem with me if this only “false alarm”, but what if it is true?

hopefully someone can give me the updates

Hi Michael and Wigid,

Thanks so much for your interest in the issue I raised.

I suspect Michael is correct in his assessment.

In any case, Trend Micro stopped giving the alert. I don’t know if it was an update to TM or Jetpack that stopped the notification.

If anyone is still interested, right-click on the following link for the js file that TM was alerting on.

load-scripts.js

Thanks again!!

billb