This morning, Trend Micro quarantined and deleted MEHTTPS.exe, flagging it as a vulnerability with potential to exploit as per CvE-2015-1635. NIST lists the vulnerability here: https://nvd.nist.gov/vuln/detail/CVE-2015-1635
What I'd like to know is if I have a false positive or not? Is there something the devs need to patch?
MEHTTPS picked up for CvE-2015-1635
-
- Site Admin
- Posts: 9738
- Joined: Mon Mar 22, 2004 4:44 am
- Location: Melbourne, Victoria, Australia
Re: MEHTTPS picked up for CvE-2015-1635
Hi,
What version of MailEnable Professional do you have installed? If not 10.39 then you need upgrade. If 10.39 then most likely a false positive.
What version of MailEnable Professional do you have installed? If not 10.39 then you need upgrade. If 10.39 then most likely a false positive.
Regards,
Ian Margarone
MailEnable Support
Ian Margarone
MailEnable Support
Re: MEHTTPS picked up for CvE-2015-1635
Hi Ian,
I have 10.39 installed. I also have exceptions for MailEnable so I'm not sure why our A/V picked it up anyway. I just wanted to make sure it wasn't something more serious. Thank you!
I have 10.39 installed. I also have exceptions for MailEnable so I'm not sure why our A/V picked it up anyway. I just wanted to make sure it wasn't something more serious. Thank you!