WordPress.org

Support

Support » Plugins and Hacks » Possible SCRDL Exploit — Jetpack

Possible SCRDL Exploit — Jetpack

  • Hi,

    Trend Micro antivirus is giving me a “possible SCRDL exploit” on my personally hosted WordPress blog whenever I authorize the JetPack plugin to communicate with wordpress.com.

    The suspect file is “load-scripts.js” and may actually come from wordpress.com rather than JetPack.

    Please help!

    Thanks!!

    billb

Viewing 5 replies - 1 through 5 (of 5 total)
  • Could you paste the full error message. A screenshot would be helpful as well.

    I’m almost sure this is a false positive, but we’ll look into it if you can provide the full error.

    Thanks for letting us know.

    I tried hard to reproduce this problem, but couldn’t manage.

    I have Windows 7 and IE9. I downloaded the free trial of Trend Micro™ Titanium™ Maximum Security 2012.

    I let Trend Micro update itself, then loaded a Jetpack blog’s stats page, which was the only place I could see load-scripts anywhere (though it’s load-scripts.php not load-scripts.js). I got no warning. I then ran a full scan from within Trend Micro and it found nothing.

    I’m pretty sure this is a false positive on Trend Micro’s part, but without being able to reproduce the problem, my only suggestion is to contact Trend Micro and see what they have to say.

    Hi there
    is there any updates regarding this issue?
    no problem with me if this only “false alarm”, but what if it is true?

    hopefully someone can give me the updates

    Hi Michael and Wigid,

    Thanks so much for your interest in the issue I raised.

    I suspect Michael is correct in his assessment.

    In any case, Trend Micro stopped giving the alert. I don’t know if it was an update to TM or Jetpack that stopped the notification.

    If anyone is still interested, right-click on the following link for the js file that TM was alerting on.

    load-scripts.js

    Thanks again!!

    billb

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Possible SCRDL Exploit — Jetpack’ is closed to new replies.
Skip to toolbar