Re: Virus Scanner Flagging FTD Software package

jwornstaff · ‎10-31-2024

Anyone else have an issue whereby a virus scanner is flagging a Cisco FTD or FCM package file? When using MS defender scan on 7.4.1 it detects exploits, now my security folks want let me move it for install. I assuming it must be related to SNORT rules and definitions being found.

nspasov · ‎10-31-2024

I just tried this on my end with a Windows 10 and 11 machines. Neither one of them flagged the software. So, this could be a false-positive or a misconfiguration on the windows defender side. But, it is probably best to raise a support request with Microsoft.

Thank you for rating helpful posts!

Thank you for rating helpful posts!

jwornstaff · ‎11-05-2024

That odd, I have window 10 and window 11 and MS defender flags on both for only the FDT upgrade package and not the FMC, I also download a 7.3.x something and it get flagged as well. I opened tac case but of course not heard anything in several days. See screen shot below.

Aref Alsouqi · ‎11-05-2024

This is really odd and I've never came across this before. I would raise this with MS support as well to trying to understand if this is a false positive or not.

Aref Alsouqi · ‎11-01-2024

Out of curiosity what exploits IDs the scan provides?

jwornstaff · ‎11-05-2024

I attached screenshot below.

jwornstaff · ‎11-04-2024

Attached screen shot with exploits found.