Why is FSCS Browsing Protection blocking access to PuTTY's download location?
Why is F-Secure Client Security's Browsing Protection blocking access to PuTTY's download location http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe? What kind of harmful behaviour have been found on this site?
It appears that the Browser Protection only blocks the download link when it includes the file name. This URL is blocked:
while this URL
is not blocked. When you visit the URL without the file name, you can click the putty.exe download link without Browser Protection alarming.
I haven't testet to see if B.P. blocks all URLs with exe files in the address, but I am pretty sure it doesn't as this would raise a lot of alarms for me as I regularly download a lot of different small command line utilities.
Correction to my previous post:
It appears that I was fooled by Browser Protection whitelisting the URL after I first confirmed that I wanted to visit the download URL. Visiting the URL
is OK, but if I click on "putty.exe" to download, the Browser Protections still screams as long as I haven't acceptet the B.P. warning and chosen to continue at least once.
There was a new PuTTY release out on december 10th, 1011, and my guess is that there is a Browser Protection false positive in this new version. I have never had any problems downloading PuTTY before, and I have been doing so for the last decade or so.
The exe-path resolves todos not look very trustworthy to me but it is correct.Anyway why is the link marked green but accessing it gets a block-page?Lets wait for the answers from the team..
The link is a link to Graham Tatham's personal homepage where Putty has always resided. It may look suspicious. but it has always been that exact address and it has not been blocked before now.
One thing I noticed is that it is only the URL containing putty.exe that is blocked. If I try puttytel.exe or pageant.exe I get through without warnings or hiccups.
Funny you mentioned the green OK signal - I noticed it as well, but forgot to mention it.
Let's wait and see what the F-Secure team has to say.
you can download putty.zip instead before