...
| Expand | ||
|---|---|---|
| ||
Update: Please review SE’s post on the official EcoStruxure Geo SCADA Expert Forum here: https://community.se.com/t5/EcoStruxure-Geo-SCADA-Expert/Windows-Defender-update-falsely-detects-some-Geo-SCADA-files/td-p/457549 As of Thursday 14 December 2023, AUTOSOL has been made aware of Schneider Electric EcoStruxure Geo SCADA Expert software components being flagged by Microsoft Defender XDR as malware. Specifically, “PUA:Win32/SpeedChecker”.  While we are still investigating, we encourage all our customers to review their security software update process and see if it’s possible to avoid updating Microsoft Defender XDR (and the security intelligence updates) on their OT networks until we receive additional guidance from Microsoft and Schneider Electric.  The consequences of the update result in the possible quarantine of the Geo SCADA Expert processes required for operation. Exclusion of the Geo SCADA install directories should mitigate this issue. However, recovery after automatic quarantining of the processes may be difficult without reinstalling Geo SCADA. Guidance from Schneider Electric will be posted on the EcoStruxure Geo SCADA Expert Forums here: https://community.se.com/t5/EcoStruxure-Geo-SCADA-Expert/Windows-Defender-update-falsely-detects-some-Geo-SCADA-files/td-p/457549 Please see the below links for official recommendations on anti-virus exclusions on production environments: Geo SCADA Knowledge Base: https://community.se.com/t5/Geo-SCADA-Knowledge-Base/Anti-virus-Scan-Exclusions/ba-p/278735 Geo SCADA 2022 Help File (article ‘Anti-virus Scan Exclusions’): https://tprojects.schneider-electric.com/GeoSCADAHelp/Geo%20SCADA%202020/Default.htm#ServerAdministrationGuide/Anti-virusScanExclusions.htm This post will be updated as more information becomes available. |
...