Operational Defect Database
BugZero found this defect 205 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA16S000000bynDSAQ
False Trj/RansomDecoy.A detection in temporary user profiles with WatchGuard Endpoint Security
Last update date:
10/27/2023
Affected products:
WatchGuard Endpoint Security
Affected releases:
All
WatchGuard Endpoint Security
Fixed releases:
All
Description:
Issue
Under certain circumstances, WatchGuard Endpoint Security products might return a false detection of Trj/RansomDecoy.A in temporary user profiles on Windows endpoints with WatchGuard Endpoint Security v8.00.21.XXXX or v8.00.22.XX12 installed. Hotfix (for protection versions lower than 8.00.22.0022)Protection version 8.00.22.0022
Workaround/Solution
To discard the false positive detection, apply the available hotfix on the affected endpoint. Download and save the hotfix file to the endpoint: hotfix_decoy_defender_tempfolders_gui_8.00.21.x.exeDouble-click the downloaded file.If prompted, to fully apply the hotfix, restart the endpoint. Note: To download an unattended or silent version of the hotfix, click here.
