Jailbreak
1 TopicIntune iOS Jailbreak false positives (Resolved)
Recently we have witnessed a few detections of Jailbroken devices marked noncompliant by the Compliance policy but after the next Check-in or Compliance check the devices return to compliant state.. We have not had any detections for a long period and now got a few during a brief period which is quite worrisome regardless of reasons. There are only a few possibilities what it could be related to: User has actually Jailbroken their device (not the case for my users) Intune has changed their detections with errors (did not spot relevant changes) Apple has changed something in their latest OS update (not likely as it is not wide spread) Some sort of malicious activity from advanced threat actors (highly unlikely) There is no commonality between the devices either, there are various models of iPhone and iPad with different operating systems versions. And the users are not even in the same network or region. There are also big problems with compliance reporting over various reports, device Overview might have a status of Compliant but looking under the Device compliance menu for a specific device it might report the device as Not Compliant and that status is not just lingering for a brief time after Check-in and violation clear.. it has stayed like that for a time now.. I have contacted Microsoft Support regarding this but no word just yet, so not sure if I am the only one or is it some sort of blunder from detection side. Any ideas?Solved13KViews0likes4Comments
