Carbon Black Cloud: Observing a large number of alerts for code injection via NtQueueApcThread after upgrade to 3.7



Article ID: 291542


Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

  • After upgrading to or installing sensor version 3.7.0.1253, a large number of "inject code" alerts via NtQueueApcThread appear in the Carbon Black Cloud Console.
  • See the example below:
The application c:\windows\explorer.exe attempted to inject code into the process "c:\program files\internet explorer\iexplore.exe", by calling the function "NtQueueApcThread". The operation was successful.

Environment

  • Carbon Black Cloud Sensor: Version 3.7.0.1253+

Cause

A limitation in the 3.7 sensor causes the increased number of alerts.

Resolution

  • An initial fix in 3.7.0.1411 has reduced the number of alerts, but alerts can still be generated; this will be addressed in a later release.
  • These alerts can safely be dismissed until a full resolution is provided.
  • If "inject code" alerts are being observed for any other function besides "NtQueueApcThread", then please create a Support Case to investigate the issue further.
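As an added triage example, not part of this article or of Carbon Black's own tooling, the following Python script applies the article's rules to constructed alert records: dismiss "inject code" alerts via NtQueueApcThread from 3.7.0.1253 and later sensors, and raise a Support Case for "inject code" alerts via any other function. The alert text format is taken from the example above; the `sensor_version` and `text` field names are assumptions, not the console's schema.

```python
import re
from typing import Optional

# Matches the alert wording shown in the article, e.g.
#   The application c:\windows\explorer.exe attempted to inject code into the
#   process "...\iexplore.exe", by calling the function "NtQueueApcThread".
INJECT_RE = re.compile(
    r'The application (?P<source>.+?) attempted to inject code into the process '
    r'"(?P<target>[^"]+)", by calling the function "(?P<function>[^"]+)"\.'
)

AFFECTED_FROM = (3, 7, 0, 1253)          # first sensor build named in the article
KNOWN_NOISY_FUNCTION = "NtQueueApcThread"


def parse_version(version: str) -> tuple:
    """'3.7.0.1411' -> (3, 7, 0, 1411), so builds compare numerically."""
    return tuple(int(part) for part in version.split("."))


def parse_alert_text(text: str) -> Optional[dict]:
    """Extract source app, target process and API name, or None if not an inject-code alert."""
    match = INJECT_RE.search(text)
    return match.groupdict() if match else None


def triage(alert: dict) -> str:
    """Return 'dismiss', 'support_case' or 'review' for one constructed alert record."""
    parsed = parse_alert_text(alert["text"])
    if parsed is None:
        return "review"                      # not an inject-code alert; outside this article
    if parsed["function"] != KNOWN_NOISY_FUNCTION:
        return "support_case"                # article: any other function needs a Support Case
    if parse_version(alert["sensor_version"]) >= AFFECTED_FROM:
        return "dismiss"                     # known 3.7 sensor limitation
    return "review"                          # older sensor, not covered by the article


# Constructed sample alerts (field names and values are assumptions).
SAMPLE_ALERTS = [
    {"sensor_version": "3.7.0.1253",
     "text": r'The application c:\windows\explorer.exe attempted to inject code into the process '
             r'"c:\program files\internet explorer\iexplore.exe", by calling the function '
             r'"NtQueueApcThread". The operation was successful.'},
    {"sensor_version": "3.7.0.1411",
     "text": r'The application c:\users\demo\tool.exe attempted to inject code into the process '
             r'"c:\windows\system32\notepad.exe", by calling the function "OtherFunction". The operation was successful.'},
    {"sensor_version": "3.7.0.1411", "text": "The application c:\\windows\\explorer.exe ran a script."},
]


def summarize(alerts=SAMPLE_ALERTS) -> dict:
    """Count alerts per triage outcome."""
    counts = {"dismiss": 0, "support_case": 0, "review": 0}
    for alert in alerts:
        counts[triage(alert)] += 1
    return counts
```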