WipeGuard exploit prevented in Sophos Endpoint Defense Software

Question

There is one client that does nothing else than reporting WipeGuard preventions. 
 Even for Sophos Processes. What's the use of that feature and log? 
 Initial Detection: WIN-MITRE-Behavioral-TA0040-T1561.002

LHerzog · Accepted Answer

No more wipe guard detections after that single incident that happened after the hotfix install. We think the issue has been generally solved by the hotfix: support.sophos.com/.../KB-000038477

WipeGuard exploit prevented in Sophos Endpoint Defense Software

Top Replies