Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
967
Views
0
Helpful
1
Replies

Endpoint Security

agustusin
Level 1
Level 1

‎03-26-2022 01:06 AM

Anyone seeing Flash Scans kicked off by Cisco AMP killing legit processes, like chrome.exe, excel.exe lsass.exe, spoolsv.exe, etc? Showing up in Events as an Exploit Prevented? This has only crept up for us today, and is maybe related to the 7.0.5.11403 version (testing on IT computers, other computers with the old 6.x version do not appear to be having an issue).

I do have Exploit Prevention turned on in my Policy, but it's been turned on for a while without any issues.

VidMate Mobdro
Labels:
0 Helpful
1 Reply 1

Troja007
Cisco Employee
Cisco Employee

‎03-30-2022 08:31 AM

Hello @agustusin ,
first of all, connector version 7.0.5.x was released in 2019. This version is missing a lot of improvements/fixes and even exPloit Prevention upgrade v4/v5. So you are already nearly 20 releases behind the actual version. I highly recommend to think about an upgrade to the latest version of the connector.

Anything else related to your issue is nearly impossible to answer, because much more details are needed to identify the issue. In such cases, the best approach is to open a TAC case, so an engineer can investigate the connector logs.

Greetings, Thorsten

0 Helpful
Customers Also Viewed These Support Documents