https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-iexplorer-exe-execution-triggers-the-memory/m-p/411203#M784 <P>Hi,</P><P>&nbsp;</P><P>I am having this problem in a host managed by Cortex XDR , whenever I execute iexplorer.exe or outlook an xdr agent alarm is triggered indicating that it's a Memory Corruption Exploit. Except creating an Exploit profile and excluding this kind of alarm , is there any other solution , has anyone the same problem?</P><P>&nbsp;</P><P><SPAN>Process blocked: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6220 CREDAT:18363609 /prefetch:2</SPAN></P> Fri, 04 Jun 2021 14:27:04 GMT service-ad 2021-06-04T14:27:04Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-iexplorer-exe-execution-triggers-the-memory/m-p/411203#M784 <P>Hi,</P><P>&nbsp;</P><P>I am having this problem in a host managed by Cortex XDR , whenever I execute iexplorer.exe or outlook an xdr agent alarm is triggered indicating that it's a Memory Corruption Exploit. Except creating an Exploit profile and excluding this kind of alarm , is there any other solution , has anyone the same problem?</P><P>&nbsp;</P><P><SPAN>Process blocked: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6220 CREDAT:18363609 /prefetch:2</SPAN></P> Fri, 04 Jun 2021 14:27:04 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-iexplorer-exe-execution-triggers-the-memory/m-p/411203#M784 service-ad 2021-06-04T14:27:04Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-iexplorer-exe-execution-triggers-the-memory/m-p/413545#M803 <BLOCKQUOTE><HR /><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/117">@service-ad</a>&nbsp;wrote:<BR /><P>Hi,</P><P>&nbsp;</P><P>I am having this problem in a host managed by Cortex XDR , whenever I execute iexplorer.exe or outlook an xdr agent alarm is triggered indicating that it's a Memory Corruption Exploit. Except creating an Exploit profile and excluding this kind of alarm , is there any other solution , has anyone the same problem?</P><P>&nbsp;</P><P><SPAN>Process blocked: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6220 CREDAT:18363609 /prefetch:2</SPAN></P><HR /></BLOCKQUOTE><P>Hi,&nbsp;</P><P>&nbsp;</P><P><SPAN>Sounds like what you need to do is <A href="https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-prevent-admin/investigation-and-response/investigate-endpoint-alerts/manage-alerts.html#id28f60556-5235-4f96-8bf6-0de0dbc94925_idd207d385-46d0-4fb3-b6e5-493bdc5d8678" target="_self">retrieve and analyze,</A>&nbsp;If this doesn't work, solution will be to&nbsp;</SPAN><SPAN>download the retrieve data and submit for&nbsp;</SPAN>analysis of the issue by the Support team.</P><P>They can be reached at<SPAN>&nbsp;</SPAN><A href="https://support.paloaltonetworks.com/" target="_blank" rel="nofollow noopener noreferrer">https://support.paloaltonetworks.com/</A>.</P><P>&nbsp;</P><P>I hope this helps,&nbsp;</P> Wed, 16 Jun 2021 12:18:59 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/cortex-xdr-iexplorer-exe-execution-triggers-the-memory/m-p/413545#M803 zsolomon 2021-06-16T12:18:59Z