cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About Chris11

Re: New malware flagged from Windows Update downloads

by in Security / SD-WAN
‎12-20-2018 12:11 PM
4 Kudos
‎12-20-2018 12:11 PM
4 Kudos
Support came back and just said "Because Talos determined it is malicious.  You can whitelist the domain if you'd like."    While there is nothing technically wrong in that answer, it really isn't helpful.  If Talos (and AMP by extension) is flagging false positives against Windows Update files, then that is a problem.  Conversely, if MS is serving up malicious files, then that is also a problem.    Unfortunately, I do not have access to Talos Threat Grid to see anything further on this file. ... View more

Re: New malware flagged from Windows Update downloads

by in Security / SD-WAN
‎12-20-2018 11:14 AM
‎12-20-2018 11:14 AM
I have. When I hear back I will update here. ... View more

New malware flagged from Windows Update downloads

by in Security / SD-WAN
‎12-20-2018 07:13 AM
3 Kudos
‎12-20-2018 07:13 AM
3 Kudos
We have a MX84 that alerted this morning about a "Retrospective" File Disposition Change.  The event in question appears to be an exe download:   am_base_07038dbbb574078315e3d4d6d8e45491a4db3bd0.exe sha256: e9ab8d11545dbad0ebf6ef6a35750d7051b0af2e72ba1fd8d464203140bcb55f    ...downloaded from an apparently legit Microsoft domain:     au.download.windowsupdate.com   I am unable to find any documentation detailing why this file is being flagged.  The virustotal results look clean as well.  Can anyone shed any light? ... View more
© 2022 Meraki