FS Protection PC Release 210

F-Secure

FS Protection PC Release 210

Fixed issues:

Antivirus:

  • Slash not backslash in forbidden protected folder error message (PBL-3170)
  • Still SBot.exe triggers Ransomware protection (SAFE_BUG-02181, CTS-100508)

Browsing Protection:

  • Crash observed in banking protection (CTS-100514)
  • Block page icons render wrong on some scaling options with IE and Edge (CTS-100499)
  • Windows 10 virtual desktops allow to bypass time limits (CTS-100465)
  • Firefox plugin causes bad performance problems with large amount of tabs (CTS-100348)
  • Remote desktop connection is cut right after start banking session (CTS-100515)
Tags (2)
13 REPLIES 13
Highlighted
Champion

Re: FS Protection PC Release 210

Thanks!

 

Upgrade went smooth.

Tags (2)
Superuser

Re: FS Protection PC Release 210

Hello,

 

Thanks for release!

 

But... does Ransomware protection (as part of DeepGuard) with large changes to 'how it works'-field?

 

For example, what if it start be with more protection against direct and strict ransomware-rules (and, for example, encrypting). Or scale it to more suspicious activities than one.

Because otherwise -> all (?!) of available for me (own tries/checks) with perfect ignorance any modifications to files under protected folders.

 

My brief checks are:

-> Modify or access to file by/under/with unknown and uncommon application (executable).

-> Deleting file or folder under protected folders by using script-files.

-> Some of false-positive detections (when valid/common steps and valid/common executables triggered Ransomware-protection feature) are dropped. Examples of executables (Microsoft Edge, Opera Neon, Steam...).

 

Possible to suspect that it is part of fixes with some of situations. But... not sure about all of them (so, more sounds as design is re-designed).

 

Thanks!

Tags (2)
Superuser

Re: FS Protection PC Release 210

smooth ride as usual, congrats

Superuser

Re: FS Protection PC Release 210

I think this new layer deserves broad advertising coverage designed for non geek PC users

F-Secure

Re: FS Protection PC Release 210

Hi @Ukko

 

Ransomware protection is in beta phase, so we are still tweaking how the detections work. We must find the balance of aggressive enough but not blocking everything.

 

We are definitely interested in your feedback.

 

Ville

(F-Secure R&D)

 

Superuser

Re: FS Protection PC Release 210

I am as always willing to help but wonder how I can test such a feature if I am not exposed to such threats, I only happen to receive spam which smell bad e.g. asking to renew my address and pw, of course I flag such mail as spam without reading (opening them).

Superuser

Re: FS Protection PC Release 210


@yeoldfartwrote:

I am as always willing to help but wonder how I can test such a feature if I am not exposed to such threats, I only happen to receive spam which smell bad e.g. asking to renew my address and pw, of course I flag such mail as spam without reading (opening them).


With such situation: test a feature against documentation; or against false positives. Except trying to check payload from spam letters. :)

My own experience: with TP210 I did not receive any of notifications about tries to access protected folders (files). Even I tried to provoke it by common hand-made tricks (so, maybe it is not enough for real impact and thus DeepGuard properly sense it). Basically, I'm not sure how Ransomware works (at least, with such part that other layers can not to detect it).

F-Secure

Re: FS Protection PC Release 210

Just like @Ukko said, just test with the normal applications that you use that there is no interference from our product. Don't test with malware/ransomware, leave that to us. We have special environment where we can do it safely.

 

Ville

(F-Secure R&D)

 

Superuser

Re: FS Protection PC Release 210

ok Ville I just wanted to help more :)