Search
Forum Home | Login
cpj70555
cpj70555
Join Date 01/2013
0

Cortex XDR catches the fences exe file as a non-secure application

March 27, 2024 3:39:38 AM from Stardock ForumsStardock Forums

Hi,

Recently I get popups from cytray.exe (part of Cortex XDR / Antivirus) about FencesMenu64.dll not being a valid image and then throws an error. Everything looks to work as expected afterwards but the error is annoying. According to a forum thread on Palo Alto someone got the following answer from Cortex XDR support:

Information from TAC:

"This is caused by a new feature enabled in 8.3, where we check the signature level of every DLL loaded into cytray.exe. The application's DLL must be unsigned or with a lower trusted level, which will result in the DLL being blocked by us and this pop-up to show. hence we have provided the SUEX to disable the feature.

At the moment the engineering team does not consider this issue as an actual bug inside the product, but rather a by-design behavior.

I would like to inform you that it might be fixed in the upcoming version of the XDR Agent, but we do not have an ETA for this."

 

Could there be any problems with the certificate signing of the dll's on Fences? It's mostly an annoyance but it could be nice without the error every time log into Windows.

 

/Christian

fences cortex xdr traps
Search this post
Advanced Search
Subscription Options
Reason for Karma (Optional)
Successfully updated karma reason!
cpj70555
basj
Join Date 03/2001
+1684 sdemployee
Reply #1 March 27, 2024 6:22:14 AM
from Stardock ForumsStardock Forums

Hello,
I have forwarded your problem/question to Stardock Support Team for their assistance. Please keep an eye on this thread for any updates. We appreciate your feedback and patience.

Basj,
Stardock Community Assistant

Reason for Karma (Optional)
Successfully updated karma reason!
cpj70555
pelaird
Join Date 12/2018
+748 moderator
Reply #2 March 27, 2024 6:28:11 AM
from Stardock ForumsStardock Forums

This has been reported several times and here are the posts.

https://forums.stardock.com/526329/page/1/#3922760

https://forums.stardock.com/526456/page/1/#3923071

https://forums.stardock.com/526357/page/1/#3923084

Hope this helps.

Reason for Karma (Optional)
Successfully updated karma reason!
cpj70555
Neil Banfield
Join Date 04/2001
+1105 sdemployee
Reply #3 March 27, 2024 7:08:55 AM
from Stardock ForumsStardock Forums

Their engineering team are wrong, it is indeed a bug their end impacting a number of applications.

Hopefully they will resolve it soon, otherwise it might be worth considering an alternative product to Cortex XDR.

Reason for Karma (Optional)
Successfully updated karma reason!

Sign Up or Login and this ad disappears!
There are many great features available to you once you register. Sign Up for a free account and browse the forums without ads.

cpj70555
pelaird
Join Date 12/2018
+748 moderator
Reply #4 April 13, 2024 2:21:29 PM
from Stardock ForumsStardock Forums

FYI:

Palo Alto Networks zero-day exploited since March to backdoor firewalls

From: BleepingComputer April 12, 2024

https://www.bleepingcomputer.com/news/security/palo-alto-networks-zero-day-exploited-since-march-to-backdoor-firewalls/

Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks

From BleepingComputer

April 12, 2024

https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-pan-os-firewall-zero-day-used-in-attacks/

 

Reason for Karma (Optional)
Successfully updated karma reason!
View all recent posts
Mark all posts as read Delete cookies created by the forum Return to Top
Stardock Forums v        Server Load Time:   Page Render Time: