False malicious activities / windows update
All Replies
-
Thanks st3213, but our USG110 doesn't offer this information. We only got Monitor > UTM Statistics > Anti-Virus with the following screen:
The counter of 1212 is only the result of today's MS patch day. On all other days of the month we don't experience any virus alerts.
Further, we have already purchased a new USG Flex 700, which is not yet installed and commissioned. We hoped that these A/V alerts would be gone when we replace our USG110. But as we've learnt now, USG Flex devices are also affected. This is concerning.
-
OK, I see. We have an additional column in our 500 flex devices. But otherwise, the same: we get hundreds of hits on every patch day. Interestingly, the alerts stop after a while - not sure if Zyxel is updating signatures or why.
I'm just wondering why there is no more talk about this issue. One would assume that many customers should be affected. Therefore, I am still a little uneasy just adding the files to the allow list.
Zyxel_Kevin, I hope you can advise. The problem has been going on for a while now.
-
Hi @st3213,
We have removed the signature from the Cloud.
Please kindly reboot your device to clear the local cache.
You can also perform the following command to disable the local cache:
Router(config)# debug anti-virus cloud-query am-cache disable
Router#
Router# debug anti-virus cloud-query show
…
am-cache enable: 0
For the ATP/FLEX series, since the designed mechanism is different from the Zywall/USG series, we can now manipulate and correct the signature content more promptly and effectively compared to the Zywall/USG series.
In addition, reducing false-positive detections is also a testing target for our future releases after receiving those cases from customers.
Kevin
-
Zyxel_Kevin said:
> Hi @st3213,
> We have removed the signature from the Cloud.
> Please kindly reboot your device to clear the local cache.
> You can also perform the following command to disable the local cache:
> Router(config)# debug anti-virus cloud-query am-cache disable
> Router#
> Router# debug anti-virus cloud-query show
> …
> am-cache enable: 0

Hi Kevin,
Thanks for your reply. Since we are not able to reboot our USG110 at any time (because of the production system), I've carried out the proposed CLI commands.
But after executing "Router(config)# debug anti-virus cloud-query am-cache disable", the query "Router# debug anti-virus cloud-query show" doesn't show any results like "am-cache enable: 0". The console didn't show any new line with any results. Hopefully the cache disabling works nevertheless.
-
@Zyxel_Kevin Thank you for updating the signatures; hits have stopped now. But we need to keep this open at least until the next MS patch day. Let's hope for a permanent solution.
-
New month, same behaviour. Today is MS Patch Day and we're still receiving a huge number of Virus Alert Warnings from our USG110 for aspnetcore, dotnet and (this is new) powershell runtime updates!
Is there any news from Zyxel in this regard?
-
Hi @USG_User,
Since the designed mechanism for ATP/FLEX is different from Zywall/USG, we can now manipulate and correct the signature content more promptly and effectively compared to the Zywall/USG series.
And the USG series is going to End of Support. We would suggest a replacement.
Thank you
Kevin
-
This problem, which has certainly been known for over a year, has been nicely sat out.
Our new USG Flex700 has already been delivered and we can only hope that this annoying behaviour is really done.