Bitdefender saying Bitwarden's install script has a virus?

I’m trying to install Bitwarden following the instructions here:
https://bitwarden.com/help/install-on-premise-windows/#setup-docker-desktop

However, when I try to execute Step 3 that says to issue this command:
.\bitwarden.ps1 -install

Bitdefender blocks it, with the message:

PowerShell tried to load a malicious resource detected as Heur.BZC.ZFV.Boxter.341.3970F0B0 and was blocked. Your device is safe

and the command errors out in powershell with the message:

At C:\Bitwarden\bitwarden.ps1:1 char:1

  • param (

This script contains malicious content and has been blocked by your antivirus software.
+ CategoryInfo : ParserError: (: ) [], ParseException
+ FullyQualifiedErrorId : ScriptContainedMaliciousContent

Is anyone else having this issue? I assume it is a false positive, but am not sure how to confirm that?

Hey @Dawg001 and welcome to the community,

I can pretty much guarantee you that it is a false positive.
Bitwarden is open-source meaning you can see the source code of what make Bitwarden tick, and can view the PowerShell self-hosted install script here.

If you can’t make sense of all the source (genuinely most of us cannot otherwise you are probably a coder) then the other thing you can do is put some trust into 3rd party auditors such as Insight Risk Consulting and Cure53 which Bitwarden has used in the past.
You can trust, but verify as well (which is extremely important IMO) as Bitwarden is very transparent and all their security reports are provided here.

In reading this Bitdefender community post your best option may be to report the error and false positive to Bitdefender to resolve though.
Regardless I hope this post helps to alleviate any worries. :slightly_smiling_face:

Thanks all, this has been shared with the team :+1:

@cksapp @dwbit thanks for your help!

As a final update, I tried it again this morning and the BitDefender warning/block no longer appears.

2 Likes