Symantec Suspicious.Cloud.2 Detected

Posted: Tue Mar 07, 2017 1:04 pm
by Eric_Keeler
Product: PrimalScript 2017, Version & Build: 7.3.100.0 (Product: PowerShell Studio 2017, Version & Build: 5.4.136.0)
32 or 64 bit version of product: 64 bit
Operating system: Windows 7
32 or 64 bit OS: 64 bit

Hello!

Upon upgrading both PrimalScript and PowerShell Studio from versions 2016 to 2017, Symantec Endpoint Protection detected a Suspicious.Cloud.2 vulnerability in the file "SAPIEN PowerShell V2 Host (Command line) Win32.exe" and quarantined the exe as a result. These files exist in both the PrimalScript and PowerShell Studio install directories listed below. In searching the forums I have discovered that this exe has been flagged with other vulnerabilities in previous versions but no other details were provided at that time. Symantec did not identify this upon my initial installation of the 2016 version, so I can only assume the file was whitelisted by them at some point. Are you able to provide more information as to what is in this exe that Symantec is identifying as a risk? In the meantime I have submitted the file for review to Symantec to identify if this is a false positive, which it most likely is.

Install Directories:
C:\Program Files\SAPIEN Technologies, Inc\PrimalScript 2017\ScriptEngines\SAPIEN PowerShell V2 Host (Command line) Win32.exe
C:\Program Files\SAPIEN Technologies, Inc\PowerShell Studio 2017\ScriptEngines\SAPIEN PowerShell V2 Host (Command line) Win32.exe

Re: Symantec Suspicious.Cloud.2 Detected

Posted: Tue Mar 07, 2017 3:48 pm
by Alexander Riedel
We continuously monitor and scan our software and computers for viruses and any other kind of malware. So far, in all cases, reports like this have been false positives.
However, we do not know nor control what happens on your machine. So it is prudent for you to take the allegedly infected file and upload it to your anti-virus provider for verification. They usually have a dedicated page on their site for this sort of thing.
They can then ultimately tell you if it is a true infection or just a pattern-matching false positive.