[GNC] Possible malware in GnuCash 3.14 for Windows

Stan Brown (using GC 4.14) stan+gc at fastmail.fm
Sun Jan 18 13:50:26 EST 2026 

Stan Brown
Tehachapi, CA, USA
https://BrownMath.com

On 2026-01-18 09:47, Robert Heller wrote:
> I don't (and never have) used MS-Windows, but videos I've seen on YouTube 
> suggest that most add-on antivirus software for *recent* versions of 
> MS-Windows are a waste of money.  "Windows Defender" (which is build in to 
> revent versions of MS-Windows) does everything any MS-Windows user needs.  
> Almost all malware these days are phishing E-Mail and depend on esentially 
> socially engineering to get the user to visit some website to trick the user 
> into revealing login credintials.  Malware writers generally don't bother much 
> with the clasic forms of malware these days.  And yes, Windows Defender will 
> probably flag legit versions of GnuCash, since GnuCash is not "signed" by a 
> Microsoft supplied certificate.  You will have to "whitelist" (whatever that 
> entails) GnuCash.

Both in Windows 10 and Windows 11 on my machines, the popup complaint
about "unknown publisher" or similar has a "More info" link which is,
let's say, quite poorly named. Actually, "More info" is what you must
select to get to the "run anyway" or "install anyway" option.

Here's how I know. The email program Betterbird, a fork of Mozilla
Thunderbird, has much more frequent updates than GnuCash. As with
GnuCash, it has no signing certificate. Every time, I get the prompt,
click "More info" and then "install anyway," and I have no issues.

I second what Robert Heller says about third-party antimalware being a
waste of money on Windows 10 and 11 systems.(*) (Malwarebytes is an
exception, but the free version is sufficient; you just have to remember
to run it manually.) Windows Defender seems to do a fine job. We have
had extensions about malware protection on the Windows 10 and Windows 11
Usenet newsgroups, and the consensus matches what Robert said. At this
point, I agree, social engineering is a bigger threat than traditional
malware, at least for people who stay away from sketchy websites and use
common sense with email. Never open an  attachment you weren't
expecting, even if it purports to come from someone you know.

(*) Avast is arguably malware, in a small way, since it inserts an
advertisement for itself in the emails you send. This happens without
your permission, and to stop it you must follow a procedure that is far
from obvious.

Stan Brown
Tehachapi, CA, USA
https://BrownMath.com/

More information about the gnucash-user mailing list