Thanks for the reply Hasib. I already had googleupdate.exe listed as a low risk process in the OAS settings and it was still being detected. Maybe if McAfee had released the extension prior to releasing the credential theft functionality I could've just disabled the functionality in ATP.
We have been searching almost 3 full days on that issue.
Since we have TIE/ATP in place at a customer this was even more complicated to find out. ENS 10.7 APRIL 2020 fixes another BUG we reported with the Exceptions by Detection name ATP/45454765 (The Forwards Slash not working) and now this?
We first have seen this with RAPID 7 Agent where it would be logic because you have two security products which target SAM/LSASS.
Then days later we have seen Alerts from Adobe Flash Update Internet Explorer on older W7 clients.
Good luck nothing else happened!
Here is the Options with ENS 10.7. APRIL 2020 Release integrated in German enviroment.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.