Last Modified: Oct 17, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3
Opened: Dec 28, 2015 Severity: 3-Major Related Article:
K93491035
Endpoint checking reports incorrect 'last scan time' for Windows Defender v4.8.10240.16384 on Windows 10
Access policy will be evaluated incorrectly. In some cases, access policy evaluation might fail.
User is connecting to APM on Windows 10. Access policy has an endpoint check configured. Access decision is made based on last scan time. Client system has Windows Defender v4.8.10240.16384 installed on it.
Don't use 'last scan time' in access policy. As an alternative, you can provide read-only access to the folder that OPSWAT needs to access: C:\ProgramData\Microsoft\Windows Defender. This requires an Administrator to set read-only folder access for the Windows system that is being accessed. This is not a BIG-IP system-specific workaround, and depends completely on your internal networking configuration and permissions settings.
None