About jeremy.peace-hall

jeremy.peace-hall · 09-12-2023

We are getting hundreds of these threat detections this morning in our environment. These are all considered "low" and the smss.exe file is clean (SHA-256: 56afe5133fdc5806ec6b19436f7b55f1499cfc94619740c171424fbcf7808fd3)Seems to be triggered at logo...

jeremy.peace-hall · 09-14-2023

Some of our clients just started to update to 11044. We are still getting a bunch of these smss.exe detections but all of them are on clients still running 11011. Hopefully by tomorrow morning these will cease as the clients get the new definition up...

jeremy.peace-hall · 05-12-2023

Sorry, meant to type Chrome 113 not 115

jeremy.peace-hall · 05-12-2023

We are seeing these same Exploit Prevention alerts in our environment as well. Just as you mention, they seem to coincide with the policy update made by Cisco on May 10 but also only appear on clients running Chrome v115.

jeremy.peace-hall · 04-13-2023

Also seeing this SHA-256 detection on our Firepower appliances

jeremy.peace-hall · 04-13-2023

We are also seeing a large number of these this morning.

Member Since	‎10-13-2017 05:42 AM
Date Last Visited	‎12-08-2023 09:55 AM
Posts	6
Total Helpful Votes Received	5

User Statistics

User Activity

Suspicious smss.exe Parent Process

Re: Suspicious smss.exe Parent Process

Re: Chrome.exe exploit prevention events

Re: Chrome.exe exploit prevention events

Re: FP on Microsoft Edge update?

Re: FP on Microsoft Edge update?