Bug w/IS2016 causes 403 error instead of F-Secure block page to appear
I opened a ticket about this back on 12/19/15, but never received a response from customer care, so I figured I'd post it here as well.
It seems like there might be a bug with the proxy or whatever mechanism is used to display F-Secure's block page in a browser. When it occurs, instead of seeing a page indicating F-Secure blocked something, you'll instead see a 403: Forbidden error message. I've managed to reproduce this in multiple browsers, all running Windows 10. IS2016 is fully updated, and I have no other security software or browser extensions enabled. The issue stops after uninstalling F-Secure from the PC.
To reproduce, using AMTSO's safe desktop product test pages:
hxxp://www.amtso.org/feature-settings-check-for-desktop-solutions/ -> test cloud protection or test protection against PUAs (both are inert files of *.exe type) - if you click either of these, you'll receive a 403: Forbidden error from F-Secure. If IS2016 isn't installed, it'll download both files normally. If you use the EICAR test file (non-drive-by download), it blocks normally w/the expected F-Secure block page.
I've also seen this occur as a result of web protection false positives affecting legitimate downloads (403 error appears, but if you uninstall, the file downloads normally). I've tested w/Chrome stable, FF, Edge, etc. and it occurs in every browser.
System: Windows 10 x64, Intel 4770 CPU, 32GB RAM, No other security software