Malicious File - ArchiveFile - W32.7F4CBDDDA2.RET.SBX.TG

cnaron
Comes here often

Malicious File - ArchiveFile - W32.7F4CBDDDA2.RET.SBX.TG

Reporting across 100+ sites, I've seen others reporting this as well.  Appears to be MS update related, disposition changed and is now flagging as malicious/blocked.  1000's were allowed through before disposition was changed.  Same thing happened about a year ago, related to an MS update.

 

Source:  9.tlu.dl.delivery.mp.microsoft.com

 

[http://9.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/8dea8123-fd8f-492c-9c2d-7cdfab740447?P1=1681398256&P2=404&P3=2&P4=MfVNhcdbZfud6jewyT%2b8ana%2b8c9bZAGjTJzFleDabV567nUloqLAlJM78V5wGwfOSpnIKNtbXOKduQ%2fJeWBylQ%3d%3d]

3 Replies 3
Jameson
Getting noticed

Following the same issue in our environment on this post as well: Re: MX Malware Blocking - The Meraki Community

ConnorL
Meraki Employee
Meraki Employee
BlakeRichardson
Kind of a big deal
Kind of a big deal

Issue is resolved.

 

https://status.meraki.net/incidents/66pj1lx1m4vs

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels