https://live.paloaltonetworks.com/t5/general-topics/apple-softwareupdate-exe-got-blocked-by-cortex-xdr/m-p/471262#M103077 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/199274">@ReisingerM</a> ,</P> <P>&nbsp;</P> <P><SPAN>Confirmed false positive.&nbsp; WildFire has indeed updated the status from Malware to Benign.</SPAN></P> <P>&nbsp;</P> <P><SPAN>Cheers,</SPAN></P> <P><SPAN>-Kiwi.</SPAN></P> Tue, 08 Mar 2022 09:36:52 GMT kiwi 2022-03-08T09:36:52Z https://live.paloaltonetworks.com/t5/general-topics/apple-softwareupdate-exe-got-blocked-by-cortex-xdr/m-p/471121#M103070 <P>Hello Palo Community,</P><P>&nbsp;</P><P>does anybody know why the&nbsp;Apple SoftwareUpdate.exe got blocked by <LI-PRODUCT title="Cortex XDR" id="Cortex_XDR"></LI-PRODUCT>&nbsp;today</P><P>Or has someone else also encountered this Problem?</P><P>&nbsp;</P><P>In the Community section of VirusTotal I discoverd a comment that Palo Alto apperently changed the status at one point, yet i have some triggers with this software that came in today.</P><P>&nbsp;<A href="https://www.virustotal.com/gui/file/0682eef4ae722d6dad6b0c41f530d86e44f094f8487105372d5a03e0f0a437e9/community" target="_blank">https://www.virustotal.com/gui/file/0682eef4ae722d6dad6b0c41f530d86e44f094f8487105372d5a03e0f0a437e9/community</A></P><P>&nbsp;</P><P>Thank you in advance,</P><P>ReisinM</P><P>&nbsp;</P> Tue, 08 Mar 2022 06:46:01 GMT https://live.paloaltonetworks.com/t5/general-topics/apple-softwareupdate-exe-got-blocked-by-cortex-xdr/m-p/471121#M103070 ReisingerM 2022-03-08T06:46:01Z https://live.paloaltonetworks.com/t5/general-topics/apple-softwareupdate-exe-got-blocked-by-cortex-xdr/m-p/471262#M103077 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/199274">@ReisingerM</a> ,</P> <P>&nbsp;</P> <P><SPAN>Confirmed false positive.&nbsp; WildFire has indeed updated the status from Malware to Benign.</SPAN></P> <P>&nbsp;</P> <P><SPAN>Cheers,</SPAN></P> <P><SPAN>-Kiwi.</SPAN></P> Tue, 08 Mar 2022 09:36:52 GMT https://live.paloaltonetworks.com/t5/general-topics/apple-softwareupdate-exe-got-blocked-by-cortex-xdr/m-p/471262#M103077 kiwi 2022-03-08T09:36:52Z https://live.paloaltonetworks.com/t5/general-topics/apple-softwareupdate-exe-got-blocked-by-cortex-xdr/m-p/471275#M103078 <P>It is benign software, initally identified as malware.</P><P>Same thing happend in the last two days for other software updates, like for Epson and HP:</P><P>Initially identified as malicious but then the verdict was reversed a few hours later.</P><P>Files had to be released manually and hashes had to be added by hand to the whitelist</P> Tue, 08 Mar 2022 09:48:35 GMT https://live.paloaltonetworks.com/t5/general-topics/apple-softwareupdate-exe-got-blocked-by-cortex-xdr/m-p/471275#M103078 MartinPfeil 2022-03-08T09:48:35Z