Guest

Preview Tool

Cisco Bug: CSCvs29250 - AMP unable to quarantine malware stored on file share on windows servers

Last Modified

Dec 27, 2019

Products (1)

  • Cisco AMP for Endpoints

Known Affected Releases

7.0(5)

Description (partial)

Symptom:
AMP unable to quarantine or block execution of malware stored on network share on windows servers.
AMP is unable to quarantine the malware file if activated from local PowerShell, but it remained in a directory on a network share.
The quarantine failure code was 3221225531.

Conditions:
Malware should be stored on a network share and executed from an application remotely.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.