This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Endpoint Caller Check Exploit prevented in Adobe Reader

Hello,

We currently use 5 Terminalservers in our Network for Users to work on.

On one of those Terminalserver, Users can no longer open PDF Files from within another program using Adobe Reader due to a message from Sophos Endpoint Securtiy that a "Caller Check Exploit" has been prevented. This prevents our users from working effectively.

Is there any way to whitelist this application from this error or any fix?



This thread was automatically locked due to age.
Parents
  • Hello GenericITAdmin, 

    Thank you for reaching out to the Sophos Community. 

    Generally, it's possible to exclude detections by navigating to the device in question from Sophos Central. From the "Events" tab you’ll see a "Details" button on the detection event. By clicking on the Details button, options are present to exclude the detection.

    If you have already attempted this, but new detections continue to come up, I'd recommend using the steps in the following article to see if specific detection types can be turned off for Adobe Reader. 
    - Stop detecting an exploit

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Reply
  • Hello GenericITAdmin, 

    Thank you for reaching out to the Sophos Community. 

    Generally, it's possible to exclude detections by navigating to the device in question from Sophos Central. From the "Events" tab you’ll see a "Details" button on the detection event. By clicking on the Details button, options are present to exclude the detection.

    If you have already attempted this, but new detections continue to come up, I'd recommend using the steps in the following article to see if specific detection types can be turned off for Adobe Reader. 
    - Stop detecting an exploit

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Children
No Data