under TIE Reputations i find a massive volume of files located in the directory C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_64\.....
This fills my TIE Database and shows a high amount of unknown file.
How this can be handeled?? Any idea??
Solved! Go to Solution.
I am going to log a ticket next week for this issue have either of you logged a ticket yet or resolved the issue?
at the moment we finished some TIE project. Some McAfee representative asked me to write down some "problems" or challenges in the projects. This information should be straight forwarded to the TIE product management.
Let´s see what happens.
At the moment i have no solution for this.
We've an opened ticket with Intel Security to investigate this (apparent) bug. No news till now, I'll keep you informed.
Let´s see if this helps.
There is also a new TIE Rules available. Perhaps this rule also changes something.
Rule 139 - Identify trusted DOTNet assemblies
This rule detects files that have CLR code (DOTNet) and have been installed into the global
assembly cache folders. The files are present on multiple machines within the enterprise,
indicating they are not just-in-time compiled assemblies.
Default State: Mandatory
Changes in this release
Changed how age and prevalence are handled in DOTNet validation algorithm
have you had any more feedback from the tech support team? are you able to share your SR so I can add this info to my case as they are not aware of any issue when speaking to the support
for Servers i solved it for my own. It´s some kind of woraround but no solution. We implemented a script to whitelist any EXE and DLL on TIE. After doing this, the messages have been gone.
At the moment i do not know why this solved the problem, therefore it´s a workaround for me.