1. Balasubramanian Natarajan
  2. PowerBuilder
  3. Monday, 12 February 2024 16:30 PM UTC

Hi Team,

We are running some child applications from a main application (both child and main application are PB applications) 

Recently we had upgraded our PB version from PB2017 to PB2022, after this PB upgrade the alerts that Crowd Strike is showing in logs is alerting the security team to possible Malware type issue from few of the PB child applications. 

As per our analysis we did not do any code changes in these child applications recently, only change is PB version upgrade from 2017 to 2022.

Could you please share your thoughts on the Crowd Strike Malware type alerts ? 

Thanks in advance.

Balasubramanian Natarajan Accepted Answer Pending Moderation
  1. Tuesday, 20 February 2024 14:26 PM UTC
  2. PowerBuilder
  3. # 1

Hi Chris,

Can we have discussion with Appeon team to discuss about this Malware alerts (crowd strike) or

Can we get technical support from Appeon to address this issue? 

Comment
  1. Chris Pollach @Appeon
  2. Tuesday, 20 February 2024 21:44 PM UTC
Hi B;

You are always welcome to open a Support Ticket if you think that something is either a product "bug" or a possible "enhancement" that should be done. From there, this could lead to a more detailed discussion with our Appeon Team. However, if your issue is not an enhancement or a bug, then the Support Ticket route may not be fruitful (IMHO).

From what I have seen in the responses, the two good alternatives presented are: A) Work with the Cloud Strike vendor to get rid off the false positives or B) Sign your application(s) to allow Cloud Strike to "trust" your App EXE's. HTH

Regards ... Chris

  1. Helpful
There are no comments made yet.
Chris Pollach @Appeon Accepted Answer Pending Moderation
  1. Monday, 12 February 2024 17:49 PM UTC
  2. PowerBuilder
  3. # 2

Hi ;

 In addition to Armeen's advise, please also note this security bulletin. This could affect your PB 2017 apps. ... https://www.appeon.com/developers/securitybulletin/powerbuilder_apache_log4j2.html

Regards ... Chris 

Comment
There are no comments made yet.
Armeen Mazda @Appeon Accepted Answer Pending Moderation
  1. Monday, 12 February 2024 17:10 PM UTC
  2. PowerBuilder
  3. # 3

False positive.  Report it to the anti-virus vendor so they improve their algorithms.  You also may want to white-list your apps if possible, and definitely do what Mike said to sign your EXE's with a trusted certificate.  Regardless of which anti-virus program you use, Windows OS itself doesn't like apps that are not signed.  You can possibly get unverified publisher error among other problems.

Comment
There are no comments made yet.
mike S Accepted Answer Pending Moderation
  1. Monday, 12 February 2024 16:41 PM UTC
  2. PowerBuilder
  3. # 4

did you sign the EXEs?

Comment
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.