Windows Defender blocks the Agent on Windows Server 2022 if "Remote configuration update" mode is enabled

it-novum / openitcockpit-agent-go

Cross-Platform Monitoring Agent for openITCOCKPIT written in Go

https://openitcockpit.io/download_agent/

Apache License 2.0

5 stars 2 forks source link

Windows Defender blocks the Agent on Windows Server 2022 if "Remote configuration update" mode is enabled #65

Closed nook24 closed 2 years ago

nook24 commented 2 years ago

Operating system Windows Server 2022

Describe the bug When Enable remote configuration update mode is enabled in the Agent config, Windows Defender will block the Agent and trigger an Remote Code Execution vulnerability.

remote_config_update

To Reproduce Steps to reproduce the behavior:

Enable Enable remote configuration update mode on Windows Server 2022

Additional context This bug/issue got reported by Milkat via Discord

nook24 commented 2 years ago

I was not able to reproduce this in Windows Server 2022 Standard.

Please open a new issue when you experience issues with Windows Defender