Jump to content

VER1TAS

Members
  • Content Count

    10
  • Joined

  • Last visited

Community Reputation

0 Neutral

About VER1TAS

  • Rank
    New Member

Recent Profile Visitors

1,031 profile views
  1. A ticket has also been opened up for MBAE and also with Forcepoint using the information provided under known issues. What I don't understand, is how this was working before the update to MBAE.
  2. Up until today, we were running both Forcepoint's Endpoint DLP agent and MBAE without issues. Today the update of MBAE from 1.08.2.2572 to version 1.09.2.1261 caused a massive influx of false positives for: Exploit code executing from Heap memory blocked BLOCK Exploit payload file blocked BLOCK C:\Windows\System32\QIPCAP64.dll I have read about issues earlier this year with Websense's endpoint agent, but we did not have any issues prior today. As of right now, MBAE is disabled across the network.
  3. Guys, make sure that your Anti-Exploit version is the most up-to-date version 1.07.2.1020. Some of this stuff has been fixed, though I have run into some the same issues.
  4. The user account must be listed as an administrator on the machines you are trying to push to.
  5. I did as well and all I received was the reply, "you can turn off PUM detection in the policy in the “Scanner” tab."
  6. To run it manually, right click and "run as administrator".
  7. Did you already have the package installed on your endpoint? In order to push from SCCM, the user account must have admin rights on those endpoints.
  8. We are having the same issue with every machine in our network. This is just for one machine below. PUM.Hijack.DisplayProperties 9/28/2015 10:51:01 AM Quarantined HKU\S-1-5-21-1956397903-2026841819-1852903728-1194\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ACTIVEDESKTOP|NoChangingWallPaper Anti-Malware A4-1F-72-59-C7-85 PUM.Hijack.DisplayProperties 9/28/2015 10:51:01 AM Quarantined HKU\S-1-5-21-1956397903-2026841819-1852903728-1194\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|NoDisp
  9. Would "MicrosoftEdge*.exe" work as a single shield for both?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.