I don't know.
The Host IPS Content 18.104.22.16835 - Signature 6058 is set to 'High' severiry as the default setting. This has not been altered from previous content updates.
If you continue to have an issue, please contact McAfee Support so that we can proivde assistance. The most common reason for when signatures show a different severify level is that the Host IPS Content policy has been changed on your ePO Server which will override the McAfee Default Content setting of 'High'. Content signatures that have been Customized (changed from the default setting) take precedence over the default signature settings.
1 of 1 people found this helpful
Yes, in 5735 this is indeed "high". Interestingly enough, it was modified to reduce false positives.
However, in 5660, this signature suddenly became "informational". I was looking at the McAfee Default policy, which is not subject to custom severity changes. In 5709, this signature was modified to reduce false positives, and also became a "high" once again. I'm trying to find out why there was a phantom severity change in 5660.