Jump to content

VER1TAS

Members
  • Content Count

    10
  • Joined

  • Last visited

Community Reputation

0 Neutral

About VER1TAS

  • Rank
    New Member

Recent Profile Visitors

871 profile views
  1. A ticket has also been opened up for MBAE and also with Forcepoint using the information provided under known issues. What I don't understand, is how this was working before the update to MBAE.
  2. Up until today, we were running both Forcepoint's Endpoint DLP agent and MBAE without issues. Today the update of MBAE from 1.08.2.2572 to version 1.09.2.1261 caused a massive influx of false positives for: Exploit code executing from Heap memory blocked BLOCK Exploit payload file blocked BLOCK C:\Windows\System32\QIPCAP64.dll I have read about issues earlier this year with Websense's endpoint agent, but we did not have any issues prior today. As of right now, MBAE is disabled across the network.
  3. Guys, make sure that your Anti-Exploit version is the most up-to-date version 1.07.2.1020. Some of this stuff has been fixed, though I have run into some the same issues.
  4. I did as well and all I received was the reply, "you can turn off PUM detection in the policy in the “Scanner” tab."
  5. We are having the same issue with every machine in our network. This is just for one machine below. PUM.Hijack.DisplayProperties 9/28/2015 10:51:01 AM Quarantined HKU\S-1-5-21-1956397903-2026841819-1852903728-1194\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ACTIVEDESKTOP|NoChangingWallPaper Anti-Malware A4-1F-72-59-C7-85 PUM.Hijack.DisplayProperties 9/28/2015 10:51:01 AM Quarantined HKU\S-1-5-21-1956397903-2026841819-1852903728-1194\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|NoDisp
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.