Assume the following scenario:
- One leads a Functional test for the Certificate Enrollment Policy Web Server (CEP) by.
- For this, one uses a certutil command that uses Kerberos authentication, e.g.:
certutil -ping -kerberos -config "https://{Servername}/ADPolicyProvider_CEP_Kerberos/service.svc/CEP" CEP
The certutil command is incorrectly detected by Windows Defender or Windows Defenter Advanced Threat Protection as Win32/Ceprolad.A.
English 
Deutsch
One thought on “Windows Defender erkennt certutil als Schadsoftware (Win32/Ceprolad.A)”
Comments are closed.