CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More
Get access to immediate incident response assistance.
To avoid the rule triggering on Office documents, you can exclude the child files extracted from these documents from the double extension check.
The "double extensions" check is designed to block files that try to hide their type from Windows users. Although this check can be valuable, it is also prone to false positives. Legitimate files can be named with multiple dots (for example a log file could be named application.jun25.log)
To contact Trustwave about this article or to request support:
This is a bot-free zone. Please check the box to let us know you're human.
Download Now
Read complimentary reports and insightful stories in the Trustwave Resource Center
One of our sales specialists will be in touch shortly.