Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Daniele-Milani
New Contributor

Anti Exploit False Positive

Good morning,

 

My name is Daniele Milani and I am the Tech Sales Leader of Ermes Cyber Security, an Italian cybersecurity firm.

 

In order for our browser protection to operate, we need to communicate with a desktop application, and we do so through native messaging (https://developer.chrome.com/docs/extensions/mv3/nativeMessaging/).

 

Unfortunately, the Forticlient Anti Exploit module marks that communication as malicious on chromium-based browsers, as evidenced by the log line below.
msg="AntiExpoit has detected violation" action= ae_api=CreateProcess ae_reason="Run payload in protected process" app="C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
msg="AntiExpoit has detected violation" action= ae_api=CreateProcess ae_reason="Run payload in protected process" app=C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe

 

Could you kindly mark this detection as a false positive?

 

Thanks so much,
Daniele

2 REPLIES 2
raichu059
New Contributor

Op sounds like a freelancer / works from home. He’s clearly not working at an office. Maybe there’s no room where he lives for a second computer or he can’t afford one at the moment. Saying him having or leaving open a program is his fault is irrelevant because it just proves his point that it scans your computer and not trying to make sure the game isn’t being tampered with. Adding to that just because you work on QA or malware research doesn’t mean you play videogames or play PC games. They probably work out of an office anyway.

https://19216811.cam/ https://1921681001.id/
Daniele-Milani

Hello! I think that this answer belong to another thread...

Top Kudoed Authors