Hey everyone! I've got Carbon Black as my antivirus, and it's flagging the CVE-2013-3900 vulnerability. I followed Microsoft's recommendations on their update guide, but even after resetting my PC, Carbon Black still sees the issue. I'm running Windows 11 24H2 with Carbon Black agent version 4.0.3.2029. I'd love to hear from any other Carbon Black users who might have a solution or any tips you can share. Thanks a lot!
4 Answers
You might need to make some changes in the registry for the vulnerability to clear. Check these paths: [HKLMSoftwareMicrosoftCryptographyWintrustConfig] and set EnableCertpaddingCheck=1, and do the same for [HKLMSoftwareWow6432NodeMicrosoftCryptographyWintrustConfig]. That should help!
Just an FYI, I used the registry fix from the MS article, and Qualys accepted it as a valid solution.
If that doesn’t do the trick, it might be worth reaching out to Carbon Black support directly for their input.
Are you paying a lot for VMware Carbon Black? You might want to ask their support directly for help with this.
If I'm asking here, it's because I haven't gotten a response from them yet. But thanks for your input!
Thanks for your reply! Yes, I implemented that fix based on Microsoft's suggestion, but Carbon Black still detects the vulnerability.