Sophos UTM: Decommissioning of obsolete URL categorization services CFFS. Click here for important info.

MFA cookie protection triggers zoom integration in windows desktop app.

I have a desktop windows mail application, GroupWise, that integrates with zoom through official apis and uses ms edge webview2 for this authentication.

Unfortunately the new endpoint eap mfa cookie protection triggers when attempting to login to zoom in this app for scheduling appointments

I'm assuming we can create exceptions for this, but how does this affect cookieguard in general for webview2

For reference, this is the top section of sophos cookieguard report.


Mitigation   BrowserCookie
Policy       CookieGuard
Timestamp    2023-02-01T01:11:55

Platform     10.0.22621/x64 v1391 af_50
PID          23968
Enabled      00FD2E3000000004
Application  C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.70\msedgewebview2.exe
Created      2023-01-28T16:21:09
Modified     2023-01-26T08:35:14
Description  Microsoft Edge 109

Attempt to read protected Edge data
SHA-256      937823eadec0dc01de5a5a4ec5ff589aa3b242223424f68ca5a41d0be7fad4c1
SHA-1        6ff04cf472f4b3258bb3b7a28322174fb51b0ad0
MD5          8b8e000d619f9fdd479c4cb1e21608b8

Process is marked as signed
Certhash could be obtained
CertHash: cadc6ed6

Loaded Modules (64)
00007FF6E8E70000-00007FF6E9213000 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.70\msedgewebview2.exe (Microsoft Corporation), 
                                  version: 109.0.1518.70