Firebox Antivirus Detecting Microsoft Updates as Malware

Currently having an issue where our Microsoft update server (WSUS) is downloading updates to distribute to client machines and the updates are being detected as malware by Watchguard. Any help on this would really be appreciated. The detection says the malware is Gen:Variant.Symmi.40229. (Screenshot links below)

https://ibb.co/9ym8HCS
https://ibb.co/s6HW18r

Comments

  • Many MS updates in the past have been malware :-)

    Nothing that I can see on an Internet search related to Variant.Symmi.40229, with or without the dots

  • James_CarsonJames_Carson WatchGuard Representative

    Hi @billb0169

    I'd suggest opening a case so that one of our technicians can help with a packet capture of that data to anlyze a bit more deeply. You can do this using the support center link at the top right of this page.

    Thank you,

    -James Carson
    WatchGuard Customer Support

Sign In to comment.