False positive guys. This is a Microsoft update where they used the file type C2RX which is not on the inspection list in the Meraki AMP. Use the URL in the alerts to search VirusTotal. VirusTotal - URL - 1a81b30aaf0e0f44b913a3a1f53d1ecd91d274b23d03cf866a4f57d32cb5f487 The hash won't work. The article about file types in AMP is here Advanced Malware Protection (AMP) - Cisco Meraki
... View more
