CyberQP incident

FALSE POSITIVE - Agent update 5.3.6.0 detected as malware by Webroot - FALSE POSITIVE

Notice Resolved View vendor source →

CyberQP experienced a notice incident on January 10, 2025 affecting Agent and Agent, lasting 7h 19m. The incident has been resolved; the full update timeline is below.

Started
Jan 10, 2025, 03:26 PM UTC
Resolved
Jan 10, 2025, 10:45 PM UTC
Duration
7h 19m
Detected by Pingoru
Jan 10, 2025, 03:26 PM UTC

Affected components

AgentAgent

Update timeline

  1. investigating Jan 10, 2025, 03:26 PM UTC

    We are aware that Agent version 5.3.6.0 update is being flagged as potentially malicious by Webroot. PLEASE NOTE: We can confirm this is a FALSE POSITIVE. If you are impacted, kindly submit this to Webroot as a FALSE POSITIVE. Our security and development teams are actively investigating the issue and working to address why this update was flagged. We’ll share updates as soon as more information becomes available.

  2. monitoring Jan 10, 2025, 07:34 PM UTC

    A fix has been implemented and we are monitoring the results.

  3. investigating Jan 10, 2025, 07:35 PM UTC

    We are aware that Agent version 5.3.6.0 update is being flagged as potentially malicious by Webroot. PLEASE NOTE: We can confirm this is a FALSE POSITIVE. If you are impacted, kindly submit this to Webroot as a FALSE POSITIVE. Our security and development teams are actively investigating the issue and working to address why this update was flagged. We’ll share updates as soon as more information becomes available.

  4. resolved Jan 10, 2025, 10:45 PM UTC

    Webroot support indicates that they have whitelisted the Agent update for 5.3.6.0 - we are hopeful their support team will be willing to work with us for future Agent updates so that this doesn't happen again. Agent updates, that failed, may require the Agent to be reinstalled. You can simply install over top of the existing installation via your RMM, scripting process, or manually via the GUI.