Bug w/IS2016 causes 403 error instead of F-Secure block page to appear

cvvorous
cvvorous Posts: 7 Explorer
in Web Browsing

Hi,

 

I opened a ticket about this back on 12/19/15, but never received a response from customer care, so I figured I'd post it here as well.

 

It seems like there might be a bug with the proxy or whatever mechanism is used to display F-Secure's block page in a browser. When it occurs, instead of seeing a page indicating F-Secure blocked something, you'll instead see a 403: Forbidden error message. I've managed to reproduce this in multiple browsers, all running Windows 10. IS2016 is fully updated, and I have no other security software or browser extensions enabled. The issue stops after uninstalling F-Secure from the PC.

 

To reproduce, using AMTSO's safe desktop product test pages:

 

hxxp://www.amtso.org/feature-settings-check-for-desktop-solutions/ -> test cloud protection or test protection against PUAs (both are inert files of *.exe type) - if you click either of these, you'll receive a 403: Forbidden error from F-Secure. If IS2016 isn't installed, it'll download both files normally. If you use the EICAR test file (non-drive-by download), it blocks normally w/the expected F-Secure block page. 

 

I've also seen this occur as a result of web protection false positives affecting legitimate downloads (403 error appears, but if you uninstall, the file downloads normally). I've tested w/Chrome stable, FF, Edge, etc. and it occurs in every browser.

 

Thanks,

Chris

 

System: Windows 10 x64, Intel 4770 CPU, 32GB RAM, No other security software

 

 

Like Awesome

Comments

  • [Deleted User]
    [Deleted User] Posts: 0

    Hi Chris,

     

    Thanks for bringing this to our attention. And sorry to hear about the delay in the case you opened.

     

    I have highlighted your case and your Community post to the respective Support team. They will be getting back to you soon for further troubleshooting on this issue.

     

    Like Awesome
  • cvvorous
    cvvorous Posts: 7 Explorer

    This is still happening. I nudged the support agent on the ticket that was opened back in January about it, and was told it would be fixed "soon" - nearly three months on (initial contact 12/19, updated 1/19), it's still happening and is still super annoying.

     

    Any chance this might actually see resolution sometime before the 2017 product launches? I had to remove the product in the interim because the 403 errors + frequent false positives means I regularly have to disable web filtering to use my PC until the FP reports submitted get resolved (which sometimes takes days). 

     

    Thanks.

    Like Awesome
  • Chameni
    Chameni Posts: 234 F-Secure Employee

    Hi Cvvorous,

     

    Sorry to hear about your trouble! I have highlighted your post to our Support team for further looking into and update you about this ongoing issue.

    Thanks.

     

    Like Awesome
This discussion has been closed.
Feedback on New Design

Categories