FS Protection PC Release 201

VilleVille Posts: 512 F-Secure Employee
in Home Security Beta Programs

This release contains following applications that combined make the FS Protection PC product:

  • Common Component Framework 3.01.279
  • Antivirus 17.201.121
  • Browsing protection 2.201.6961

New features:

  • Tray icon right-click menu functionality improved, changed style
  • About box now shows same information regardless of where it is opened, changed style

Fixed issues:

Browsing Protection:

  • Adult content displayed despite parental control being on (CTS-99921)

  • Unintended context menu in 'Allow/Deny websites list' dialog (CTS-99928, SAFE_BUG-01937)

  • Banking protection now accepts ip addresses in 'Allow websites list' (CTS-99942)

  • Localization problem in "Unlimited limits for Family Rules" (CTS-99936, SAFE_BUG-01939)

  • Time limits showing wrong hours/time zone in block page (CTS-99935, SAFE_BUG-01940)

Antivirus:

  • Event log shows less message than actuality (CTS-99675, SAFE_BUG-01845)
  • Protection - Malware left after system reported clean (CTS-99557)
  • Windows incorrectly reporting protection is turned off (CTS-99885)
  • App and file window inappropriately restored from minimized by flyer (CTS-99910)
  • Russian localized scan log -reports support URL is not valid anymore (CTS-99955, SAFE_BUG-01961)
UkkoyeoldfartLord_Aminanonymebetoche
5Like

Comments

  • Lord_AmiLord_Ami Posts: 68

    Upgraded without issues!

    betoche
    1Like
  • yeoldfartyeoldfart Posts: 512 Superuser

    Hello

    not a glitch as usual on my side... just one question for my personal experience: how come the corrected bugs you mention canot be, as far as I am concerned, detected before by myself ?

    Like
  • VilleVille Posts: 512 F-Secure Employee

    Hi @yeoldfart

     

    Regarding the bug list, I'm not familiar with all the fixes as the list comes from multiple teams (I personally work in the common part). Generally speaking we tend to keep the bug description short, but in reality it might require certain circumstances to happen, so it may not happen to you.

     

    Ville

    (F-Secure R&D)

     

    yeoldfart
    1Like
  • yeoldfartyeoldfart Posts: 512 Superuser

    Bonjour :)

    do your techs use some kind of stress test software ?

    Like
  • UkkoUkko Posts: 3,189 Superuser

    Hello,

     

    I'm also with good experience about upgrade from TP200 to TP201. Noticed (even read this topic before installing updates) that there upgrade-on-the-process just when tray-picture dropped and recreated with next notification about upgrade.

    Also decided to ask about some points:

     

    []-- Fresh 'About' looks with less information compare to previous 'abouts'.

    Does all other 'things' are not critical and should not be placed there?

     

    []-- How long should take 'changes' from My FS Protection portal about Content Blocker / Daily limits;

    Or what kind of delay can be unexpected? At least, for refreshing UI state.


    Thanks! 

    Like
  • VilleVille Posts: 512 F-Secure Employee

    @Ukko

     

    * About box - we removed the version numbers of sub-components, because that is not relevant information to the user. We only display the main version numbers in there. Also the 3rd party copyright notices in the scrollable area is incomplete, we should have everything in there in next release.

     

    * Changes from portal to client should go in about 1 second. The UI sometimes takes few more seconds to react, but the settings are effective before the UI shows them. If your computer has been sleeping, then after wakup there is about 90 seconds before the settings start flowing again. In TP201 there is a bug related to computer sleep which stops settings from working for days after sleep, it will be fixed in next release. Also if you have been disconnected from network or have network issues, the client will start throttling itself to avoid overloading the server; when re-connected, it can take up to 2 hours until settings start flowing again.

     

     

    Ville

    (F-Secure R&D)

     

    Ukko
    1Like
  • betochebetoche Posts: 49

    I noticed the new version is lighter than before!and the system isn't slow.
    like I don't have any av :) thanks for the update

    Lord_Ami
    1Like
  • Lord_AmiLord_Ami Posts: 68

    Been light for me all the time :) Haven't really noticed anything myself though.

    Perhaps a bit better startup speed, but that could have been caused by various tweaks I did to my system.

    betoche
    1Like
  • betochebetoche Posts: 49

    I want to run Memreduct which is a safe software but the Deep guard blocked it so I  put it in the Excluded list but the Deep guard keeps blocking it.
    There is no way to run this tool without disabling the real-time protection because the exclude list is not working. any idea?I never had such experience with the deep guard.
    P.s: the issue gon after a restart but I guess there is a bug or smth like that.

    Like
  • nanonymenanonyme Posts: 146 Path Finder
    @betoche wrote:

    I want to run Memreduct which is a safe software but the Deep guard blocked it so I  put it in the Excluded list but the Deep guard keeps blocking it.
    There is no way to run this tool without disabling the real-time protection because the exclude list is not working. any idea?I never had such experience with the deep guard.
    P.s: the issue gon after a restart but I guess there is a bug or smth like that.

    Hey,

    Only tangentially related but it sounds to me like all this software does is force flush process working sets to a page file on disk. If those processes were not dormant, this is likely to lead into a lot of disk trashing and reduced system performance. You can easily DDoS a system by doing this as admin so no wonder the software is blocked by default

    betoche
    1Like
  • betochebetoche Posts: 49

    fs.PNGI noticed fshoster64  using HTTP to connect your servers!! and we all know port 80 is not safe! did you ever consider to use HTTPS ? for me, this is weakness and from what I know most av companies using HTTPS.

    Lord_Ami
    1Like
  • Lord_AmiLord_Ami Posts: 68

    I also noticed similar stuff in hotfix installer log:

     

    2017-10-22 14:10:08.514 [1f38.07f8] I: *** LOGGING STARTED *** (UTC+3:00, session: 0x0)
    2017-10-22 14:10:08.514 [1f38.07f8] I: ParseCommandLine: Started with cmd line: "C:\Program Files (x86)\fs protection\apps\Ultralight\ulcore\1508417709\_hotfix.exe"
    2017-10-22 14:10:08.514 [1f38.07f8] I: InstallationLocker::Acquire: Lock acquired
    2017-10-22 14:10:08.514 [1f38.07f8] I: Downloader::downloadAndUnpack: Downloading 'http://download.f-secure.com/ultralight/hotfixes/hotfix.zip' (fallback 'http://download.f-secure.com/ultralight/hotfixes/hotfix_fallback.zip'). Package type: 0
    2017-10-22 14:10:08.514 [1f38.07f8] I: Downloader::downloadFile: Downloading from 'http://download.f-secure.com/ultralight/hotfixes/hotfix.zip' to 'C:\ProgramData\F-Secure\temp\hotfixes.zip'

     

    I'm not entirely sure if it's security issue, but isn't it possbile to do MITM (when using malicious proxy)? Sorry if this is noobish question, perhaps you use some other methods on validating the downloaded files.

    betoche
    1Like
  • betochebetoche Posts: 49

    Ok, I just found another problem: I disabled both  Deep Guard and real-time protection from the GUI! but the problem is f-secure still trying to block my keygen!
    Seems it's not working and the real-time protection is still active.


    Like
  • betochebetoche Posts: 49

    It's security issue! Even non-Av companies use https!

    Like
  • nanonymenanonyme Posts: 146 Path Finder

    HTTP isn't really something to be concerned about as long as custom payload validation systems are done on top of it

    Ukko
    1Like
  • VilleVille Posts: 512 F-Secure Employee

    Hi,

     

    Regarding HTTP vs HTTPS. Any package we download over HTTP has a custom crypto signature that we validate before using it. If you for example look into those zip files, they have a manifest file, which is a signature made by F-Secure. The client will only accept the package if the signature is valid. HTTP is used on some downloads to make it possible to cache the files on ISP proxy level.

     

    Ville

    (F-Secure R&D)

     

    UkkoLakshLord_Amibetoche
    4Like
  • betochebetoche Posts: 49
    Ok, thanks for the answer now I can trust it :)

    Like
  • betochebetoche Posts: 49

    I'm wonderingCapture.PNG what is this? xd The GUI changed from blue to red! and as  you can see its ugly

    Like
  • nanonymenanonyme Posts: 146 Path Finder

    Annual Halloween thing. Goes away soon

    Like
This discussion has been closed.