04-22-2013 02:00 PM
Created a Vulnerability Protection profile.
Noticed that I was seeing a lot of "Microsoft Windows Registry Read Attempt" entries in the threat log. These appear to be benign. So I edited the profile, clicked the exceptions tab and checked the "enabled" checkbox for this vulnerability. I assumed this meant that this vulnerability would now be ignored and not show up in the log. This however is not the case. What am I missing?
In the threat logging window, I click on a threat name and the threat details are displayed. One of the lower columns in the window is "Exempt Profiles". What exactly does this mean?
Any help is greatly appreciated.
04-22-2013 02:04 PM
Once you have enabled the vulnerability make sure that you allow it instead of the default action.
04-22-2013 03:31 PM
04-30-2013 09:28 PM
To answer your second question, the "Exempt Profiles" is where you can add an exception directly from that dialog. Click on it and configure that profile with exemptions. Hope this helps,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!