To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Cloud identity management agent causes AV alert

Tozi
Tozi W/ Alumni Posts: 1 Security Scout

We are using Jumpcloud's cloud based identity management in our systems and now it seems after Computer Protection upgrade, we are getting AV alerts from all systems.

 

I guess one solution would be to drop this file for being checked, but is that the best an donly option?

 

F-Secure Protection Service for Business has identified the following security incidents:

2018-11-25T23:54:28,server1,Gen:Variant.Babar.14174,File,Quarantined,C:\Program Files (x86)\JumpCloud\jumpcloud-agent.exe,,*company*,SYSTEM

Comments

  • fedool
    fedool W/ Staff, W/ Article Coordinator Posts: 162 W/ Staff

    You can report it in https://www.f-secure.com/en/web/labs_global/submit-a-sample as false positive.

    Another option is to whitelist it in your profiles right now while it's under review.

  • etomcat
    etomcat W/ Alumni Posts: 1,172 Firewall Master

    "Hello,

     

    I’m a Technical Support Engineer with JumpCloud, and I’m happy to assist with your inquiry.

    We had reports last week of F-Secure flagging our agent as a virus. We have since reached out to them and we should no longer be flagged as a virus in their latest definition updates. For reference, see our status on Virus Total:

    https://www.virustotal.com/#/file/eb28580779183fba11dc278658a40ed35b5a8778556c47e82fe9af00a11b7e68/detection.

     

    As you can see, we are still working with some vendors to get us back in the green.

    If you update to the latest definitions, that should restore the JumpCloud Agent back to working order. Can you please try the update and then let me know how it goes?

    Thanks,

    Technical Support Engineer
    JumpCloud"

This discussion has been closed.