Deal with exploits
This is what happens when we detect an exploit.
If you know a detection is a false positive, see Deal with false positives.
When an exploit is detected, the following things happen:
- The exploit is stopped.
- The user is notified.
- A scan starts to clean up threats.
- A threat case is generated.
What you should do
Go to
and review the case details to find out where the attack started, how it spread, and which processes or files it affected.Often a user has downloaded or authorized an application that gave an attacker access. To avoid this, give users training in safe browsing.