Update: overnight I began getting these for Adobe as well. There's no update on my support case.
Has anyone heard back from Meraki Support on what's happening here? Last I heard they were investigating and the comment here marked as "Solved" implies the same.
Yes, also seeing Adobe file being reported here.
2 Different Files:
eutl12.acrobatsecuritysettings (SHA256: 7b512b45b6903b562e7f52b04a7715c05f0bb0cfc42438d6f1f2cdbb32124ac6)
eutl11.acrobatsecuritysettings (SHA256: 3ed06a6ff00c0015e85609f509b11c3cdf0ab9991d74b1d44daab7c264fd99d9)
No hits for these on VirusTotal, coming from an Akamai server with an Adobe URL, so pretty confident this is false positive as well.
My feedback from support was that Engineering was aware of the issue, and I would get an update when it was resolved. I've not gotten an update yet and still seeing blocks for the original Microsoft file. So seems like original issue is still ongoing.
I've whitelisted the SHA256 in AMP in most of my sites, and that clears up the alert issue.
I spoke to Meraki support regarding eutl12.acrobatsecuritysettings (SHA256: 7b512b45b6903b562e7f52b04a7715c05f0bb0cfc42438d6f1f2cdbb32124ac6) and they advised this is also a false positive - most likely due to outdated MX software. Check your MX version and see what you find there.