Sophos Central Endpoint and SEC: Computers fail/hang on boot after the Microsoft Windows April 9, 2019 update. Please follow knowledge base article 133945
Learn about the Benefits of Multi-Factor Authentication (MFA). Turn your MFA on now!
We'd love to hear about it! Click here to go to the product suggestion community
We have microsoft quick assist remote desktop tool blocked by application control and we are getting hundreds of alerts of users trying to run this application but when we contact these users they say they have never even heard of this application.
we first started to get hits on the 13/03/19 and getting continuous hits a day.
Has anybody else found this as it is not getting reported as a virus so no way to stop this aleart?
Hello Matthew Humphrey,
[this isn't actually a Malware question - the Endpoint or the Central forum would be a better choice]according to the Labs' Controlled Applications page it has recently been added in the Remote management tool category. As far as I can see it's a Windows 10 feature and detection is triggered by %windir%\system32\quickassist.exe.Don't ask me what it does or could do, apparently it has been added recently (and probably upon customer request). As it was there before you might at least temporarily authorize it.