Up until today, we were running both Forcepoint's Endpoint DLP agent and MBAE without issues. Today the update of MBAE from 1.08.2.2572 to version 1.09.2.1261 caused a massive influx of false positives for:
Exploit code executing from Heap memory blocked BLOCK
Exploit payload file blocked BLOCK C:\Windows\System32\QIPCAP64.dll
I have read about issues earlier this year with Websense's endpoint agent, but we did not have any issues prior today. As of right now, MBAE is disabled across the network.