Recently I received a message about a handful of computers with the following message and I am wondering what action(s) I need to take, if any:


What happened: We prevented a privilege escalation exploit in C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe. This type of exploit gives an application access to resources it shouldn’t have.

Path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

What was detected: PrivGuard

How severe it is: High

What Sophos has done so far: We prevented the privilege escalation and ran a scan to clean up the computer.

What you need to do: Investigate the cause of the alert. When you are sure the system is clean, acknowledge the alert.\


Thank you.