Db2

  • 1.  Windows Defender - Threat Detection on reqeust.exe

    Posted Wed July 08, 2020 08:29 PM
    Hi team

    Windows defender is detecting  dmc request.exe as an known threat  Win32/Uwasson.A!ml   


    I see this reqeust.exe is under a addons folder..  Is this a 3rd party tool used by DMC ? 

    Also,  it's not digitally signed.  IBM should provide compiled application,  signed digitally to avoid these false alerts. 

    Can you confirm this exe is really part of DMC, and that we can trust it ?  




    ------------------------------
    Samuel Pizarro
    ------------------------------

    #Db2


  • 2.  RE: Windows Defender - Threat Detection on reqeust.exe

    Posted Sun July 12, 2020 03:27 AM
    Thanks Samuel reporting this! We actually did windows sign-in process for DMC from v3.1.1. I will let team to take a look of this specific .exe file to see whether these is something missing here.

    ------------------------------
    Su Li Hou
    ------------------------------



  • 3.  RE: Windows Defender - Threat Detection on reqeust.exe

    Posted Wed July 15, 2020 04:25 PM
    Hi Samuel. Thanks for bringing the issue to our attention. Yes, request.exe is indeed a part of DMC. It helps us in allocating a free port to fetch the alerts into the data management console. As you said, it should have been digitally signed. Apologies for the inconvenience with the Windows Defender. Let me check with the sign on team and get back to you. But request.exe is indeed a valid executable.

    ------------------------------
    Abhinandan Kelgere Ramesh
    ------------------------------



  • 4.  RE: Windows Defender - Threat Detection on reqeust.exe

    Posted Thu July 16, 2020 08:25 AM
    Hi @Abhinandan Kelgere Ramesh

    Thanks for confirming it.  For now, I have made an exclusion policy on Windows-Defender to allow this executable to run and not "check- it" anymore.

    Thanks


    ------------------------------
    Samuel Pizarro
    ------------------------------