MS-Update identified as a threat, there are no corresponding entries in the threat logs, URL filtering log or data filtering logs

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

MS-Update identified as a threat, there are no corresponding entries in the threat logs, URL filtering log or data filtering logs

L2 Linker

Hi team,

 

Although MS-Update was flagged as a threat, there are no corresponding entries in the threat logs, URL filtering logs, or data filtering logs explaining the basis for its classification as a threat

AkashThangavel_0-1701248564919.png

AkashThangavel_0-1701250741984.png

The first three logs indicate that the traffic is passing without the security profiles

Why MS-update is identified as a threat??

 

with regards,

Akash Thangavel

Network Security Engineer

 

Akash Thangavel, Network Security Engineer
1 REPLY 1

L4 Transporter

Hello @AkashThangavel

To understand why certain ms-update traffic matches the criteria, you should examine the threat logs or URL filtering logs. Additionally, there is a known software issue (PAN-230250) that may cause this behavior. Please check if your case aligns with this issue.

You can find it in the PAN-OS 11.0.2 release notes, specifically under the "Known and Addressed Issues" section:

https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-release-notes/pan-os-11-0-2-known-and-addressed...

Anoopkumar
Network Security Engineer
  • 361 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!