The RMM agent underwent an update, causing some devices with antivirus software, mainly Microsoft Defender for Endpoint, to alert on the update behavior and quarantine "cagservice.exe". This alert has been identified as a false positive. To prevent these alerts on Microsoft Defender for Endpoint for this new RMM agent, please follow these steps: 1. Go to the Security Portal 2. Go to Settings 3. Go to Endpoints 4. Under "Rules" click on "Indicators" 5. Under the file hashes, add the indicator with the SHA256 Hash: "91774f1195ba7042293bba1152afc334052d6c235a90e715f8c5c5fc8f27b089", and set the expiration to never, and the action to "Allow" 6. Allow time for the indicator to sync to endpoints. For more information on these steps, please see this Microsoft article: https://learn.microsoft.com/en-us/defender-endpoint/indicator-manage?source=recommendations The Kaseya R&D team is continuing to investigate this issue.
Last update on
We are providing an update on the ongoing service disruption. The Middle East (UAE) Region (ME-CENTRAL-1) has suffered damage as a result of the conflict in the Middle East and is currently unable to reliably support customer applications. While some workloads continue to function normally, we strongly recommend customers migrate all accessible resources to other Regions and restore inaccessible resources from remote backups as soon as possible. Relevant billing operations are currently suspended while we restore normal operations in this AWS Region. This process is expected to take several months.
Last update on
Monitors
Datto RMM - Vidal - Cagservice.exe being flagged as malicious by Antivirus Software
Datto
Amazon Web Services
Freshservice
StatusGator