Devart Forums

Discussion forums for open issues and questions concerning database tools, data access components and developer tools from Devart
https://forums.devart.com/

SDAC installer reading lsass.exe process memory

https://forums.devart.com/viewtopic.php?f=6&t=40595

Page 1 of 1

SDAC installer reading lsass.exe process memory

Posted: Wed 06 May 2020 14:02
by carlmon
Hi,

Our AV (Carbon Black) was triggered by the SDAC installer. It seems to be reading the lsass.exe process' memory where Windows credentials are kept. Is this intended and why is it needed?

Some screenshots for further detail:
Image
Image

Re: SDAC installer reading lsass.exe process memory

Posted: Tue 12 May 2020 15:37
by Stellar
During SDAC installation, we don't read the lsass.exe process' memory. SDAC installer was developed using InnoSetup, which might use that process, though we're not sure as it's a third-party tool.
Our users haven't reported issues with antivirus alerts during the installation so far.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/