We currently use 5 Terminalservers in our Network for Users to work on.
On one of those Terminalserver, Users can no longer open PDF Files from within another program using Adobe Reader due to a message from Sophos Endpoint Securtiy that a "Caller Check Exploit" has been prevented. This prevents our users from working effectively.
Is there any way to whitelist this application from this error or any fix?
Thank you for reaching out to the Sophos Community.
Generally, it's possible to exclude detections by navigating to the device in question from Sophos Central. From the "Events" tab you’ll see a "Details" button on the detection event. By clicking on the Details button, options are present to exclude the detection.
If you have already attempted this, but new detections continue to come up, I'd recommend using the steps in the following article to see if specific detection types can be turned off for Adobe Reader. - Stop detecting an exploit