Crowdstrike detects Connect Secure 9.1R16 as malware
Curious if anyone else who uses Crowdstrike (or other anti-malware products) has seen this?
We just upgraded a PSA3000 to Connect Secure v9.1R16 (build 20059) and upgraded ESAP to v4.0.4. On our remote laptops we connect to the vpn using a web browser ("browser client") and that causes Pulse Secure Application Launcher (PSAL) to launch. Almost immediately the Crowdstrike agent on the remote laptop began to detect files as "malicious". This is during the portion where PSAL downloads the newer files from the Connect Secure appliance. Initially one file was detected and quarantined, so we added an exception and tried to connect again only to have two more files detected and quarantined. We have a ticket open with Pulse Secure tech support and waiting for their feedback.
In addition to Crowdstrike, at least one other anti-malware product also detects these files as malicious.