December 30, 2021 02:02 am

Microsoft Defender Log4j Scanner Triggers False Positive Alerts

Microsoft Defender for Endpoint is currently showing "sensor tampering" alerts linked to the company's newly deployed Microsoft 365 Defender scanner for Log4j processes. BleepingComputer reports: The alerts are reportedly mainly shown on Windows Server 2016 systems and warn of "possible sensor tampering in memory was detected by Microsoft Defender for Endpoint" created by an OpenHandleCollector.exe process. Admins have been dealing with this issue since at least December 23, according to customer reports. While this Defender process' behavior is tagged as malicious, there's nothing to worry about since these are false positives, as revealed by Tomer Teller, Principal Group PM Manager at Microsoft, Enterprise Security Posture. Microsoft is currently looking into this Microsoft 365 Defender issue and working on a fix that the company should soon deliver to affected systems. "This is part of the work we did to detect Log4J instances on disk. The team is analyzing why it triggers the alert (it shouldn't of course)," Teller explained.



Original Link: https://it.slashdot.org/story/21/12/29/231215/microsoft-defender-log4j-scanner-triggers-false-positive-alerts?utm_source=rss1.0mainlinkanon&utm_medium
