Update PAN-OS 11.1.0 to 11.2.1?

Hi all -

With regard to CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect and other issues, our PA-820 is running PAN- OS 11.1.0, should it be updated to PAN-OS 11.2.1?

Thank you

False Positive: Virus/Win32.WGeneric.eefmlb on stream.x64.x-none.dat

Started getting false positives on our SCCM server after a repackaging of Microsoft Office 365 source, looks to be specifically on the data file for Microsoft Stream client. VirusTotal comes up clean.

Azure Microsoft Defender Security Warnings

Recently Microsoft Defender for Cloud has started reporting various files in our palo alto as malware. The most recent one today is hdd/mfa1z5om.aa2/tmp and hdd/mfa1z5om.aa2/usr/sbin as Trojan:Linux/Casdet!rfn. There have been daily alerts with vario

AcrobatDCx64Manifest3.msi from Akamai 23.200.196.138 detected as ml-virus

VA issue

Is there anyway to solve those VA issue?

1) 90317 - SSH Weak Algorithms Supported

2) 42873 - SSL Medium Strength Cipher Suites Supported (SWEET32)

3) 70658 - SSH Server CBC Mode Ciphers Enabled

4) 71049 - SSH Weak MAC Algorithms Enabled

Kindly help plea

Can you setup a failure grace period for CI image scans based on first found date

I'm looking for a way to set a failure grace period for CI image scans based on the first found date. I see in the rulesets you can set a failure grace period based on the first fix date. 

For example, if we were to set an expectation that any high

Threat Prevention Rules, Exceptions, Default Actions Precedence

I want to confirm the order of precedence for security profile rules, default actions, and exceptions.  For example, the default action for the SSH User Authentication Brute Force Attempt threat is alert.  However, the threat profile rule associated

Many threats for DNS blocklists fresh.fmb.la and support-intelligence.net

Two DNS blocklists used by standard SpamAssassin 4.0 have many Palo Alto threat IDs for wildfire, malware and phishing. Blocklists are not phishing sites but give back DNS values to decide if should be blocked by mailservers or not. Especially needed

False Positives

I am looking to clear out the false positive: Virus/WIN32.WGeneric.edxqeb from the Palo Alto summary report. I went into the WildFire report in the firewall an added a rule to block it but it still shows up on the report. Also does anyone how I can o

Bitdefender update file detected as "Virus/Linux.WGeneric.efxlnj"

Paloalto is detecting the file transfer from from Bitdefender server to clients as virus and the traffic is been blocked. The file is a legit Bitdefender file used for updating Bitdefender Linux agents, the hash of the file is not been detected as ma

Vulnerability scan showing CVE-2008-4309 - SNMP 'GETBULK' Reflection DDoS

Not seeing anything on this anywhere I search. Nessus is showing CVE-2008-4309 - SNMP 'GETBULK' Reflection DDoS on our PA-1410 on 11.0.3-h10. 

Nessus was able to determine the SNMP service can be abused in an SNMP
Reflection DDoS attack :
Request siz

Executable blocking on a network drive

Cordial greetings

Team

Currently some users are trying to download an .exe file located in a server directory path.

As I mentioned, the download is using the ms-ds-smbv3 protocol and is being stopped by the File-Blocking profile. We have performed th