We're seeing the same (same signature)
It's a Webroot update; at the moment, I'm working off the assumption it's another false positive - but a response from Meraki would be great.
@GiacomoS would you mind asking around and maybe raising a service notice if you find something.
That is the client excutable for webroot secureanywhere anti-virus. I'm also getting alot (20 in the last hour) of these alerts. This is now the second or third time (this year) that meraki has (apparently) considered this file to be malious.
+1, getting this on our clients as well. A case created as well:
Acking the tag (thank you @eyre-jr ). I'll enquire and circle back!
Hey again team,
We are looking into this as it may be a false positive. We have some internal teams to speak with to confirm, so please bear with us. I'm not sure how impactful it is at the moment, so I won't spin up a service notice yet.
Can anyone confirm if the file is actually blocked or if it's just being flagged?
I should have updated the thread - case 08784236, support responded.
The file is benign and Security Center is reporting a Retrospective Malware Detection of wsasme.exe.
So it is indeed a false positive