[GNC] [Spam] Re: Possible malware in GnuCash 3.14 for Windows

Deb Boyce dd.boyce at outlook.com
Sun Jan 18 15:11:33 EST 2026 

Correction, forty years.

Sent from Outlook for Android<https://aka.ms/AAb9ysg>
________________________________
From: Deb Boyce <dd.boyce at outlook.com>
Sent: Sunday, January 18, 2026 12:10:58 PM
To: Stephen Wiley <swiley at swiley.net>; Deb B <debrboyce at gmail.com>
Cc: Stan Brown (using GC 4.14) <stan+gc at fastmail.fm>; gnucash-user at gnucash.org <gnucash-user at gnucash.org>
Subject: Re: [Spam] Re: [GNC] Possible malware in GnuCash 3.14 for Windows

I've considered going over to Linux for many reasons, but I haven't touched that O/S in thirty years and about the only command I remember is "kill" and the fact that slashes go the other way in the file paths. After fifty years working in a DOS/Wintel environment, I'm afraid my brain may be too old to make the switch at this point. 😄

Deb

Sent from Outlook for Android<https://aka.ms/AAb9ysg>
________________________________
From: Stephen Wiley <swiley at swiley.net>
Sent: Sunday, January 18, 2026 12:05:22 PM
To: Deb B <debrboyce at gmail.com>
Cc: Stan Brown (using GC 4.14) <stan+gc at fastmail.fm>; gnucash-user at gnucash.org <gnucash-user at gnucash.org>; Deb Boyce <dd.boyce at outlook.com>
Subject: Re: [Spam] Re: [GNC] Possible malware in GnuCash 3.14 for Windows

You are, at the end of the day, trusting these antivirus vendors to come
up with *patterns* to identify binary artifacts as clean or malicious.

If your system is so important that you need this the appropriate thing
to do is to have people read *the source* and build the binaries from
that. This is how Linux distributions work. If your standards are low
enough that you're unwilling to demand that level of scrutiny then the
practical path forward is to disable your antivirus software which is
almost certainly going to get hung up on particulars output from
compilers and not intent.

--Stephen

On Sun, Jan 18, 2026 at 06:59:23PM +0000, Deb B wrote:
> So it does make sense to depend on Windows Defender, but I'm still left with Android and iOs devices to protect.
>
> Deb
>
> Sent from Outlook for Android<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Faka.ms%2FAAb9ysg&data=05%7C02%7C%7Cc14ced37c9564d7eaaf808de56cceb34%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C639043635270304890%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=LG%2B16Bnwitlp0Dir9S32wyR318Nz%2FSMajI%2FPxPc01j0%3D&reserved=0<https://aka.ms/AAb9ysg>>
> ________________________________
> From: gnucash-user <gnucash-user-bounces+debrboyce=gmail.com at gnucash.org> on behalf of Stan Brown (using GC 4.14) <stan+gc at fastmail.fm>
> Sent: Sunday, January 18, 2026 10:50:26 AM
> To: gnucash-user at gnucash.org <gnucash-user at gnucash.org>
> Cc: Deb Boyce <dd.boyce at outlook.com>
> Subject: Re: [GNC] Possible malware in GnuCash 3.14 for Windows
>
>
> Stan Brown
> Tehachapi, CA, USA
> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbrownmath.com%2F&data=05%7C02%7C%7Cc14ced37c9564d7eaaf808de56cceb34%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C639043635270322806%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=R%2BTtX%2Bw%2FQb7scWzuilrgkNYzuuwu2Dkcvj%2FY1O6d5bI%3D&reserved=0<https://brownmath.com/>
>
> On 2026-01-18 09:47, Robert Heller wrote:
> > I don't (and never have) used MS-Windows, but videos I've seen on YouTube
> > suggest that most add-on antivirus software for *recent* versions of
> > MS-Windows are a waste of money.  "Windows Defender" (which is build in to
> > revent versions of MS-Windows) does everything any MS-Windows user needs.
> > Almost all malware these days are phishing E-Mail and depend on esentially
> > socially engineering to get the user to visit some website to trick the user
> > into revealing login credintials.  Malware writers generally don't bother much
> > with the clasic forms of malware these days.  And yes, Windows Defender will
> > probably flag legit versions of GnuCash, since GnuCash is not "signed" by a
> > Microsoft supplied certificate.  You will have to "whitelist" (whatever that
> > entails) GnuCash.
>
> Both in Windows 10 and Windows 11 on my machines, the popup complaint
> about "unknown publisher" or similar has a "More info" link which is,
> let's say, quite poorly named. Actually, "More info" is what you must
> select to get to the "run anyway" or "install anyway" option.
>
> Here's how I know. The email program Betterbird, a fork of Mozilla
> Thunderbird, has much more frequent updates than GnuCash. As with
> GnuCash, it has no signing certificate. Every time, I get the prompt,
> click "More info" and then "install anyway," and I have no issues.
>
> I second what Robert Heller says about third-party antimalware being a
> waste of money on Windows 10 and 11 systems.(*) (Malwarebytes is an
> exception, but the free version is sufficient; you just have to remember
> to run it manually.) Windows Defender seems to do a fine job. We have
> had extensions about malware protection on the Windows 10 and Windows 11
> Usenet newsgroups, and the consensus matches what Robert said. At this
> point, I agree, social engineering is a bigger threat than traditional
> malware, at least for people who stay away from sketchy websites and use
> common sense with email. Never open an  attachment you weren't
> expecting, even if it purports to come from someone you know.
>
> (*) Avast is arguably malware, in a small way, since it inserts an
> advertisement for itself in the emails you send. This happens without
> your permission, and to stop it you must follow a procedure that is far
> from obvious.
>
> Stan Brown
> Tehachapi, CA, USA
> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbrownmath.com%2F&data=05%7C02%7C%7Cc14ced37c9564d7eaaf808de56cceb34%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C639043635270332805%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=t6qv6B4D%2F38b4suBcQ1uYnTWrBBWaq23PCAooosOTrI%3D&reserved=0<https://brownmath.com/>
> _______________________________________________
> gnucash-user mailing list
> gnucash-user at gnucash.org
> To update your subscription preferences or to unsubscribe:
> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.gnucash.org%2Fmailman%2Flistinfo%2Fgnucash-user&data=05%7C02%7C%7Cc14ced37c9564d7eaaf808de56cceb34%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C639043635270342345%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=6X9aSU5Ha1%2BlbOZ7sWRuT6LUmtCF7hUTw3IrucIUylo%3D&reserved=0<https://lists.gnucash.org/mailman/listinfo/gnucash-user>
> -----
> Please remember to CC this list on all your replies.
> You can do this by using Reply-To-List or Reply-All.
> _______________________________________________
> gnucash-user mailing list
> gnucash-user at gnucash.org
> To update your subscription preferences or to unsubscribe:
> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.gnucash.org%2Fmailman%2Flistinfo%2Fgnucash-user&data=05%7C02%7C%7Cc14ced37c9564d7eaaf808de56cceb34%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C639043635270352101%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=X9zLD8gO1CC0yidrWWNYMGFceZ69HDtd%2F5AIBvGwBMQ%3D&reserved=0<https://lists.gnucash.org/mailman/listinfo/gnucash-user>
> -----
> Please remember to CC this list on all your replies.
> You can do this by using Reply-To-List or Reply-All.

More information about the gnucash-user mailing list