We are using KES 11.4 with KSC 12, and have some issue regarding event malicious link wpad domain which occured on our endpoint device user
Event type: Dangerous link blocked Application: Host Process for Windows Services Application\Name: svchost.exe Application\Path: C:\Windows\System32\ Application\Process ID: 2444 User: (Active user) Component: Web Threat Protection Result\Description: Blocked Result\Type: Malicious link Result\Name: http://wpad.domain.name/wpad.dat Result\Threat level: High Result\Precision: Exactly Object: http://wpad.domain.name/wpad.dat Object\Type: Web page Object\Path: http://wpad.domain.name/wpad.dat Object\Name: wpad.dat Reason: Automatic analysis Database release date: 10/2/2021 8:29:00 AM
is there any solution beside ask the provide to change their router since it’s not our “area” to ask replacement hardware when the user using it from their home.
WPAD Malicious Link
in Kaspersky Endpoint Security for Business
Posted
We are using KES 11.4 with KSC 12, and have some issue regarding event malicious link wpad domain which occured on our endpoint device user
Event type: Dangerous link blocked
Application: Host Process for Windows Services
Application\Name: svchost.exe
Application\Path: C:\Windows\System32\
Application\Process ID: 2444
User: (Active user)
Component: Web Threat Protection
Result\Description: Blocked
Result\Type: Malicious link
Result\Name: http://wpad.domain.name/wpad.dat
Result\Threat level: High
Result\Precision: Exactly
Object: http://wpad.domain.name/wpad.dat
Object\Type: Web page
Object\Path: http://wpad.domain.name/wpad.dat
Object\Name: wpad.dat
Reason: Automatic analysis
Database release date: 10/2/2021 8:29:00 AM
is there any solution beside ask the provide to change their router since it’s not our “area” to ask replacement hardware when the user using it from their home.