Firebox Antivirus Detecting Microsoft Updates as Malware

billb0169billb0169
edited September 2019 in Firebox - Subscription Services

Currently having an issue where our Microsoft update server (WSUS) is downloading updates to distribute to client machines and the updates are being detected as malware by Watchguard. Any help on this would really be appreciated. The detection says the malware is Gen:Variant.Symmi.40229. (Screenshot links below)

https://ibb.co/9ym8HCS
https://ibb.co/s6HW18r

Comments

  • Bruce_BriggsBruce_Briggs

    Many MS updates in the past have been malware :-)

    Nothing that I can see on an Internet search related to Variant.Symmi.40229, with or without the dots

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @billb0169

    I'd suggest opening a case so that one of our technicians can help with a packet capture of that data to anlyze a bit more deeply. You can do this using the support center link at the top right of this page.

    Thank you,

    -James Carson
    WatchGuard Customer Support

Sign In to comment.