This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Numerous detections of iexplore.exe this morning

more than a dozen alerts so far this morning for iexplore.exe being detected as Mal/Generic-S (vague), just curious if anyone else has seen this.  some of the mgmt team are concerned it could be a false positive.

still investigating

:21655


This thread was automatically locked due to age.
Parents
  • Earlier today (Monday 6th of February) at 11:34 GMT an identity was released which caused Internet Explorer 8 on Windows Vista and later to be mistakenly flagged as malicious. SophosLabs identified the problem and fixed it within 13 minutes (11:47 GMT). 

    Due to the nature of Live Protection some customers could still be experiencing the issue due to DNS caching for some time afterwards. Live Protection results are stored in the DNS cache, meaning the cache either needs to be flushed to remove the data or it will be removed after a period of time when the cache has automatically updated.

    At no point during the incident was protection compromised.

    The issue affected some customers running Endpoint Security and Control version 9.5 and later with Live Protection enabled. If you are experiencing any issues with IE8 please look at article 116799 or contact support.

    We apologize for any inconvenience caused and are investigating how this issue occurred so it can be prevented in future. 

    :21683

     - - - - - - - - - - - -

    Communities Moderator, SOPHOS
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Reply
  • Earlier today (Monday 6th of February) at 11:34 GMT an identity was released which caused Internet Explorer 8 on Windows Vista and later to be mistakenly flagged as malicious. SophosLabs identified the problem and fixed it within 13 minutes (11:47 GMT). 

    Due to the nature of Live Protection some customers could still be experiencing the issue due to DNS caching for some time afterwards. Live Protection results are stored in the DNS cache, meaning the cache either needs to be flushed to remove the data or it will be removed after a period of time when the cache has automatically updated.

    At no point during the incident was protection compromised.

    The issue affected some customers running Endpoint Security and Control version 9.5 and later with Live Protection enabled. If you are experiencing any issues with IE8 please look at article 116799 or contact support.

    We apologize for any inconvenience caused and are investigating how this issue occurred so it can be prevented in future. 

    :21683

     - - - - - - - - - - - -

    Communities Moderator, SOPHOS
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Children
No Data