Update 900000-exclusion_rules.xml

2025-11-03 21:33:16 +00:00 · 2023-06-20 08:29:55 -05:00
parent 6bb89a23db
commit 2ca470be98
1 changed files with 1 additions and 1 deletions
--- a/Rules/900000-exclusion_rules.xml
+++ b/Rules/900000-exclusion_rules.xml
@@ -258,7 +258,7 @@
  </rule>
  <!-- Exclude MicroSoft Teams -->
  <rule id="900040" level="1">
-    <if_sid>92910</if_sid>
+    <if_sid>92910,106117</if_sid>
    <field name="win.eventdata.sourceImage" type="pcre2">(?i)C:\\\\ProgramData\\\\.*\\\\Microsoft\\\\Teams\\\\current\\\\Teams.exe$|</field>
    <description>Exclude Microsoft Teams</description>
    <options>no_full_log</options>