Gen.Variant.Fugrafa.aa9618c8

SLMark1
SLMark1 Posts: 19  Freshman Member
First Comment Second Anniversary
We have seen a major increase in security alerts related to Gen.Variant.Fugrafa.aa9618c8. All seem to be USG Flex 200 devices via SecuReporter. Is this a false positive? The alerts all seem to have started around the same time from unrelated clients?
«1

All Replies

  • We are seeing the same thing. If we could please get an update on how to resolve this. Thanks.
  • SLMark1
    SLMark1 Posts: 19  Freshman Member
    First Comment Second Anniversary
    Does it seem to be triggered by Visual C++ Runtime?
  • Virus Name: Gen.Variant.Fugrafa.aa9618c8
    File Name: Microsoft.VCLibs.140.00_14.0.30704.0_x86__8wekyb3d8bbwe.Appx

    I have been seeing it come from other file names throughout our networks, but this is the most common one. @SLMArk1 I believe it is a corrupted Microsoft Visual C++ Runtime update from what I have read online.
  • Vojta
    Vojta Posts: 2
    Second Anniversary
    I have the same problem on the ATP500. Is this a false alarm?
  • ticsystems
    ticsystems Posts: 71  ZCNE Certified
    First Comment Friend Collector Nebula Gratitude Fifth Anniversary
    edited February 2022
    I have the same problem in 2 different clients with ATP500 and ATP700
  • ECOL
    ECOL Posts: 2
    same issue on ATP800. CDR is configured to block clients with detected malware so it is currently blocking lot of clients. please fix it soon
  • So far, I have registered this on two ATP facilities

  • Winfo
    Winfo Posts: 1
    Same problem here
  • ticsystems
    ticsystems Posts: 71  ZCNE Certified
    First Comment Friend Collector Nebula Gratitude Fifth Anniversary
    Another client with atp 200 
  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,377  Zyxel Employee
    100 Answers 1000 Comments Friend Collector Seventh Anniversary
    We have noticed it and it should be false positive.
    Please update signature manually few hours later, the symptom will gone.

Security Highlight