Another Round of False Positves

James_H

Hi all,

We are seeing MS Update for Windows Defender Antivirus - KB2267602 marked as a Trojan…. AGAIN… this time marked as Gateway Anti-Virus Alert: (Cloud Id: 57664294) AvKill.HBB (Trojan).

Couple of Source IPs:

217.20.54.37 - Qwilt Inc

199.232.210.172 - Fastly

Both of these are CDNs used by MS.

This isn't the first time we have seen this KB marked as a threat. Any chance anyone else out there is having the same issue?

It's a problem because we update servers in the evening, and the update never downloads, so our techs are waiting for it when they should be getting some much needed sleep.