Meraki

fiftycal45 · ‎Nov 6 2020

Is anyone else experiencing MX IPS alerts- "malware downloaded detected" for the new Apple update

Meraki-MX · ‎Nov 6 2020

Hello,

We apologize for the inconvenience.

The AMP Research and Efficacy Team (RET) are aware and currently investigating the issue. The immediate issue should be fixed now. The current hash is marked clean.

Thank you.

View solution in original post

CamG · ‎Nov 6 2020

Yeah, received two this morning. Alert didn't really clue me into where it was coming from. IP addresses of two of our access points.

Qasim · ‎Nov 6 2020

I have recieved atleast 5 alerts today

usnyc3-vip-bx-004.aaplimg.com17.253.15.204 United States 2

usnyc3-vip-bx-002.aaplimg.com17.253.15.202 United States 1

usnyc3-vip-bx-006.aaplimg.com17.253.15.206 United States 1

usewr1-vip-bx-002.aaplimg.com17.253.97.202 United States 1

8.250.89.254 United States 1

W32.42D7434E10-95.SBX.TG 3

86ea5441393e1f0b96656bb5ad56364b308b7ca6.zip 2

DarrenOC · ‎Nov 6 2020

Literally just received one. I guess we don’t need to go hunt the client down as I assume this is a false positive

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

nkm · ‎Nov 6 2020

Just received reply from Cisco Rep

Yes, we have been reported that by our client its is Apple's new software update that is causing this alerts it is a false alarm. These alerts are been generated on devices that are on iOS 14.2

JFagin · ‎Nov 6 2020

Thanks for this update I got about 30 of these alerts at one time from most of my sites. I will just delete them and keep it moving.

Meraki-MX · ‎Nov 6 2020