Thread Info
  • State Suggested Answer
  • +14 person also asked this people also asked this
  • Locked Locked
  • Replies 65 replies
  • Answers 2 answers
  • Subscribers 43 subscribers
  • Views 296124 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos cloud endpoint: Multiple users getting "Caller Check Exploit Prevented in Microsoft Excel" when using custom spreadsheets

Rich Billard

I need a resolution for this false positive that does not completely whitelist Excel.

This is directly relevant to the following thread:

https://community.sophos.com/intercept/f/information/82464/microsoft-power-query-for-excel---false-flagging-by-intercept-crashes-excel

This was supposed to be resolved by the end of November. 

We need a resolution now.

 



This thread was automatically locked due to age.
Parents
  • 0

    I'm also experiencing this same issue, anyone have a resolution yet?

  • 0 in reply to Kristi Adams

    HI Kristi, 

    The issue is pending from the Dev Team and should be released soon . 

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Aditya Patel

    Aditya. Please stop suggesting your response that "it should be fixed soon" is an answer, as it is not.

    This is absolutely crazy that this is taking this long.

    This is effecting many more people other than me.

     

     

    this needs to be escalated to Management, as this has been over 2 months now.

  • 0 in reply to Aditya Patel

    Hi Aditya,

     

    I know this is currently with the Dev team as i have an open ticket but we need a fix on this as critical priority. People are unable to do their jobs without a fix! Please can you push this along. 

     

    Also just FYI on a 32bit install of Microsoft Office the powerquery addon is located as such "C:\Program Files (x86)\Microsoft Office\Office16\ADDINS\Microsoft Power Query for Excel Integrated\" however when i add this to the Global Scanning Exclusions it still comes up as a callercheck exploit. 

     

    Checking the event log i can see that this is the EXE wanting to run Microsoft.Mashup.Container.NetFX40.exe.

     

    Any ideas why it still comes up even after being added to Global Scanning Exclusions? Is it because the thumbprint changes each time?

     

     

    Thanks,

Reply
  • 0 in reply to Aditya Patel

    Hi Aditya,

     

    I know this is currently with the Dev team as i have an open ticket but we need a fix on this as critical priority. People are unable to do their jobs without a fix! Please can you push this along. 

     

    Also just FYI on a 32bit install of Microsoft Office the powerquery addon is located as such "C:\Program Files (x86)\Microsoft Office\Office16\ADDINS\Microsoft Power Query for Excel Integrated\" however when i add this to the Global Scanning Exclusions it still comes up as a callercheck exploit. 

     

    Checking the event log i can see that this is the EXE wanting to run Microsoft.Mashup.Container.NetFX40.exe.

     

    Any ideas why it still comes up even after being added to Global Scanning Exclusions? Is it because the thumbprint changes each time?

     

     

    Thanks,

Children
No Data
Unfiltered HTML