https://live.paloaltonetworks.com/t5/general-topics/modified-vulnerability-signatures/m-p/93858#M43898 <P>Hi Hamad</P> <P>&nbsp;</P> <P>If you suspect a threat/vulnerability is being triggered in error, please collect the information as outlined in the article below and open a support case:</P> <P>&nbsp;</P> <P><A href="https://live.paloaltonetworks.com/t5/Threat-Articles/How-to-submit-an-Anti-Virus-false-positive/ta-p/74600" target="_blank"> How to submit an Anti-Virus false positive</A></P> <P><A href="https://live.paloaltonetworks.com/t5/Threat-Articles/How-to-submit-a-vulnerability-signature-false-positive/ta-p/74602" target="_blank"> How to submit a vulnerability signature false positive</A></P> Mon, 04 Jul 2016 11:07:55 GMT reaper 2016-07-04T11:07:55Z https://live.paloaltonetworks.com/t5/general-topics/modified-vulnerability-signatures/m-p/93556#M43882 <P>Hello,</P><P>&nbsp;</P><P>On the last Threat and Content update on our Firewall, we suddenly started receiving alerts on our Firewall for a specific vulnerability (Threat ID 35427, CVE-2010-0476). Now this is an old CVE and upon checking the <A href="https://technet.microsoft.com/library/security/ms10-020" target="_blank">MS10-020</A> article, there was no update from Microsoft, but Palo Alto release notes suggested that this signature was modified.</P><P>&nbsp;</P><P>Is a way to find out what change is made to the vulnerability signatures when Palo Alto modified a vulnerability signature?</P><P>&nbsp;</P><P>Thanks,</P><P>Hamad</P> Sun, 03 Jul 2016 08:34:39 GMT https://live.paloaltonetworks.com/t5/general-topics/modified-vulnerability-signatures/m-p/93556#M43882 MHamad 2016-07-03T08:34:39Z https://live.paloaltonetworks.com/t5/general-topics/modified-vulnerability-signatures/m-p/93565#M43885 <P>This could be a false positive.</P> Sun, 03 Jul 2016 08:57:51 GMT https://live.paloaltonetworks.com/t5/general-topics/modified-vulnerability-signatures/m-p/93565#M43885 pankaku 2016-07-03T08:57:51Z https://live.paloaltonetworks.com/t5/general-topics/modified-vulnerability-signatures/m-p/93566#M43886 <P>Do you mean that the update on the signature from PA may have an issue?</P> Sun, 03 Jul 2016 09:04:31 GMT https://live.paloaltonetworks.com/t5/general-topics/modified-vulnerability-signatures/m-p/93566#M43886 MHamad 2016-07-03T09:04:31Z https://live.paloaltonetworks.com/t5/general-topics/modified-vulnerability-signatures/m-p/93573#M43887 <P>Yes.</P> Sun, 03 Jul 2016 09:18:59 GMT https://live.paloaltonetworks.com/t5/general-topics/modified-vulnerability-signatures/m-p/93573#M43887 pankaku 2016-07-03T09:18:59Z https://live.paloaltonetworks.com/t5/general-topics/modified-vulnerability-signatures/m-p/93858#M43898 <P>Hi Hamad</P> <P>&nbsp;</P> <P>If you suspect a threat/vulnerability is being triggered in error, please collect the information as outlined in the article below and open a support case:</P> <P>&nbsp;</P> <P><A href="https://live.paloaltonetworks.com/t5/Threat-Articles/How-to-submit-an-Anti-Virus-false-positive/ta-p/74600" target="_blank"> How to submit an Anti-Virus false positive</A></P> <P><A href="https://live.paloaltonetworks.com/t5/Threat-Articles/How-to-submit-a-vulnerability-signature-false-positive/ta-p/74602" target="_blank"> How to submit a vulnerability signature false positive</A></P> Mon, 04 Jul 2016 11:07:55 GMT https://live.paloaltonetworks.com/t5/general-topics/modified-vulnerability-signatures/m-p/93858#M43898 reaper 2016-07-04T11:07:55Z