MattR

Getting permission denied in trying to access most of the area of the Protect Dashboard this morning (Computers, Detections, Landing Page, etc). I'm assuming their maintenance last night did not go as planned. I don't see any known issues with the Protect cloud dashboard listed on the status page.

We have a number of clients enabled for Cloud Office Security to filter emails from spam and malware. We created a report with the "Mail Quarantine" option selected, we have done both attempts at just have all the tenants selected or even users or groups. Then the options are set to repeat Daily and set to never end, we just have it starting on a day when we first started using the software. We see in the audit log reports with the action "Generate & send report", it shows succeeded and says the user SYSTEM. There are enough of these in the log that we think it is generating reports, but we have been unable to find any of the digests using message trace in Microsoft 365 and the users have yet to report seeing the digests. Is there something we need to enable on Microsoft 365's end to allow it to go through? We don't have any special filtering on some clients, so it should just go to their inboxes. Even if Microsoft flags it, it generally goes to the quarantine on their 365 console.

I suspect in most cases the patching mechanism isn't working yet especially if it's installed in a profile (I've only been able to patch programs that appear to be installed globally on a PC). There is a schedule you can configure when it does its patch searching in the Common Features policy that's applied to the device. This is also where you could set auto patching settings as well. It's a fairly new feature, so I suspect they are still working on it a lot. I had some PCs that had it for a little while and eventually some other programs were flagged that weren't before. So, they probably are working on adding more and more programs and patches to their databases.

We are just starting to roll out eSet, so only getting more PCs with other applications that have patches available now. Almost all the patches we try to roll out from the console don't really appear to work. So far only Fox IT reader has upgraded and went away. Libre Office, Firefox, Zoom, Teamviewer, Chrome/Edge, etc. do not seem to work. I suspect most of those are installed in profile, but not sure about LibreOffice though being installed like that.

I have seen this as well. Some versions of Zoom it has patches for, others not. So I think it just means it doesn't have a patch yet, so you would have to manually upgrade to latest version. I have also ran into situations where the application is installed in the profile of someone on the PC, those never seem to be able to apply patches.

We have seen that fixed as well. So far we haven't had any success with the patch management upgrade at all. Edge, Chrome, Adobe Acrobat DC, Teamviewer. None look like they actually update anything yet when kicking out the upgrade. Not sure if it's an issue with the application being local to the profile vs the PC or not.

I have found applying the Google Chrome and Microsoft Edge patches don't appear to actually apply. I no longer have the false positives with the Windows 11 machines, so I guess my deactivate/reactivate issue fixes it. On the PCs we forced the update on, it had to reboot them. I am hoping it will auto update and not need reboots on the others, but time will tell.

I unactivated the license and re-activated it, appeared to help reduce the numbers so far (still have a couple on one of the PCs), but I think its still working on scanning for vulnerabilities, so not sure if they will re-add at some point.

We were able to apply the license and then create the policy under the Common Features policy to get this enabled. We have noticed that at least two PCs running Windows 11 Pro 22H2 are being flagged as Microsoft Windows 10 Pro 22H2. It shows a significant number of vulnerabilities, when checking on many of them, it appears that it is only flagging because it doesn't see the Windows 10 KB installed. When trying to install applicable patches/rollups for Windows 11 to address the vulnerability, it is already installed. The PCs are both current on the latest Monthly Rollups, so likely have few known Windows-related vulnerabilities. I suspect its mechanism of determining what OS for vulnerabilities is just looking at 22H2 and not taking into account there are versions for Windows 10 and 11 that have the same version. In the computer details, both PCs are identified correctly in the Cloud Console as Windows 11 Pro 22H2.