Environment
- CB Defense Sensor: All versions
- CB Defense PSC Console: All versions
- Micorosft Windows: All supported versions
- Microsoft Office 365
Question
Why are some Microsoft Office 365 updates blocked when launched through the OfficeClickToRun.exe update mechanism?
Answer
These updates may include unsigned, new files such as ChakraCore.dll that are open source and initially flagged as PUPs
Additional Notes
- Since these files are unsigned and open source, the PUP reputation is initially applied
- Initially trusting these files carries risk in case of supply chain compromise of open source software
- Once the files are ingested into the CDC-R, the reputation should be updated
Related Content