Forum Discussion
lecksbush25
Oct 05, 2022 · Copper Contributor
Msedge_proxy detected using sihost.exe tagged as Behavioral threat "process spoofing" by our Cortex XDR
Hi, We recently identified (Monday, October 3, 2022) that there was being flagged as a high behavioral threat by our endpoint protection (Cortex XDR) on multiple computers across our organization; u...
CyberZealand
Oct 10, 2022 · Copper Contributor
We've also encountered a similar issue. I'd recommend looking closely at the content version of the machine at the time of the alert.
Palo Alto Support: "I would like to inform you that, these are False positives and also there is a fix release on the content update 710-19689. From the logs I can see that you are in content update 710-19496 that is why you are getting these alerts."