Detection logic issue
![[Deleted User]](https://community.f-secure.com/applications/dashboard/design/images/defaulticon.png)
With a recent change on 2018-11-19 [1] to improve the privacy handling of our endpoint products we created an issue in which under certain circumstances false negatives could occur. The issue was promptly discovered by F-Secure researchers. We have published an update on 2018-11-23 [2] that resolves the issue.
Note: The issue would only affect customers who opted out of F-Secure’s security cloud in their privacy settings. The default is to be opted in.
A fix for all affected F-Secure products was made available on 2018-11-23. It was rolled out via our automated update process, so no action from end users is required to fix the issue unless they have explicitly turned off the automatic updates.
Customers with affected products can check that they have received the latest updates of 2018-11-23 or later.
Affected products:
- F-Secure Antivirus 17.x
- F-Secure Internet Security 17.x
- F-Secure SAFE 17.x
- F-Secure SENSE 17.x
- All operator products with above versions
- F-Secure Client Security 13 and 14
- F-Secure Computer Protection
Not affected:
- F-Secure Client Security 12 or earlier
- All F-Secure Linux products
- All F-Secure Mac products
- All F-Secure Android products
- All F-Secure server products
Incorrect malware handling logic of executable files was possible if customer had opted-out from allow deeper analysis of non-personalized data. Even with this setting turned off, incorrect logic was not applied to all executable files. Commonly known executables did not trigger the incorrect logic – incorrect logic was only applied to smaller amount of previously unknown executables. For affected customers, the problem was mitigated by the multiple protection layers in the product.
[1] F-Secure Ultralight Core Update 2018-11-19_01
[2] F-Secure Lynx win64 Update 2018-11-23_01
