K
Karl_83
Good afternoon,I am looking for some advice on an issue I am seeing in an environment I look after. We currently use Trellix/McAfee Solidcore (Application and Change Control) in our Windows 10 environment and for a little while now and on a daily basis alerts are being generated in their thousands related to file write denied operations which take place against known Windows files (below). The action is blocked which is by design as the files are protected by Solidcore, but should these processes be allowed to write to the files below? NT AUTHORITY\SYSTEM under process name: Services.exe
Continue reading...
Continue reading...