False positives for Compromised status on iOS 11.3 and 11.3.1 devices

Symptoms

The VMware AirWatch teams have received reports on false positives for compromised detection on some devices running iOS 11.3 and 11.3.1. This may occur on VMware AirWatch Agent, Workspace ONE, Container or any of the VMware productivity applications.

This article will be updated as our teams continue to actively investigate the issue. 

 

Preventative Action

To prevent un-enrollment of devices which encounter the false compromised detection, we recommend temporarily disabling the Compromised Protection setting under Groups & Settings > All Settings > Apps > Settings & Policies > Security Policies > Compromised Protection until the VMware AirWatch teams have identified the root cause of the issue.

Disabling Compromised Protection will prevent immediate unenrollment of a device when it is detected to be compromised (even for false positives).

Alternatively, to track and detect compromised devices, a compliance policy can be created to detect Compromised devices and Admins can be notified to take an action.

image002.png

 

Fix Version

Based on recently received reports, VMware AirWatch has identified a small percentage of iOS devices running unsupported versions of VMware AirWatch applications or internally developed SDK applications with SDK versions lower than 5.9.3.5 and 5.9.4.9. For all iOS 11.3+ devices, please ensure that AirWatch Apps are upgraded to the minimum versions outlined here.

Other Languages: 日本語

Have more questions? Submit a request

0 Comments

Article is closed for comments.