TP136 WINDOWS CLIENT RELEASE

F-Secure

TP136 WINDOWS CLIENT RELEASE

FS Protection PC Release 136

 

  • Common Component Framework 2.36 build 323
  • Antivirus 14.135 build 100
  • Browsing protection 2.136 build 3390

Fixed issues
Common:

  • Support tool has a lot of timeouts for network commands (CTS-96130)
  • Support tool output file is not where it should be (not tracked)

Browsing Protection:

  • Email Checking Problems with Banking Protection (CTS-95302)
  • Statistic does not increase when opening harmful URLs in new tab (CTS-95574)
  • Slow shutdown during stress test causes hoster dump  (CTS-96017)
10 REPLIES 10
Superuser

Re: TP136 WINDOWS CLIENT RELEASE

Hello,

 

Sorry for my question/reply.

 

It's about Banking Protection feature (with re-designed points around some TPs ago).

I mean about point, when.... it's track/check PID (Or how it normally called) of processes/other for prevent some of them. As result (for example) Banking Protection trigger-launch-action under one browser will be as reason for prevent to use "other" browsers (other browsers... or Private-mode under same browser... or other mode under same browser with another PID or something else).

 

So.. question will be next:

 

-> Does current feature should be work just for supported browsers (as variant/example of process and network connection trigger) and not work for not-supported-browsers?

Such as: "supported browsers" will be with prevention-block-page and connection-block during try to use 'another' browser (during Banking Protection session under "original" browser);  and "unsupported browsers" will be "allow" for using.. and it's as design (or not as design, but normal... just because.. they also can be "missing" for web-traffic scanner as example).

 

Sorry again for strange question.

 

Thanks.

Tags (1)
F-Secure

Re: TP136 WINDOWS CLIENT RELEASE

Basically, during a banking session triggered by a certain browser, open other browsers will display a proper blockpage. This should happen with supported browsers, but if also works for unsupported browsers(not officially supported), e.g., Opera, we consider this as a positive side effect for user.

Superuser

Re: TP136 WINDOWS CLIENT RELEASE

Hello,

 

Thanks for response.

But if it's not work with unsupported browsers - it's will be a normal?

I mean not just a blockpage, which will be with supported browsers (with my experience - Opera does not display 'blockpage', but just network-connection goes be blocked.. or it was just local experience I just forget to manually install extension for Opera; with extension, which available to manually install for most of Blink-core browsers.. will be always blockpage probably) - but also network-connection, web-traffic scanning (as another thing.. which not really comes just for Banking Protection, but maybe related point).

 

Sorry for questions again.

F-Secure

Re: TP136 WINDOWS CLIENT RELEASE

For unsupported browsers, our security features are not expected to work(or work properly), which means we will not do any bug fixing or development work for those browsers  unless we see the needs in the future. Users are recommented to use the supported browsers if they want the security features work properly.

Superuser

Re: TP136 WINDOWS CLIENT RELEASE

Hello,

 

Thanks for response and for explanation!

 

But.. just one else question (sorry). But does it can be mean... that feature about "restricted" network connection should be work for all places... if it's not whitelisted (as.. there not "support/unsupport" points maybe, but just should be denied or allow, if it's under "whitelist"). And if yes. Does it mean that "unsupported" browsers (as example) can be marked as "whitelisted" ones under BP-feature design?

There already not "web-traffic scanner" under system-layers. But just feature about Banking Protection, where "not trusted" (?! or not allowed connection) network connection will be prevented?! Or something same.

 

Sorry again Smiley Sad .

 

Thanks.

F-Secure

Re: TP136 WINDOWS CLIENT RELEASE

Hi,

For "Connection cut" feature, when there is an active banking session, product will only allows safe connections, dose not matter which browsers triggered the banking session. So it's correct that connection cut should work in any case as far as there is a banking session.
The feature is enabled by default for FS Protection, you can disabled it from Settings under the Banking Protection.

Superuser

Re: TP136 WINDOWS CLIENT RELEASE

Hello,

 

I think it will be "last" ask (sorry for new question again). Smiley Sad

 

And... it's mean, that if unsupported browsers does not with "connection cut" after launch (with same time, when supported browsers with "connection cut") during banking session - there not normal situation?

If there any normal reasons for current behavior? (I can to think.. that it's will be for any browsers, which have not just one core - but multi-engines. Related with something as Maxthon/Sleipnir and some of other variants, where can be three engines (include firefox-based one) and etc. Maybe they have another tricks about and it's not related with engine. And I not sure.. maybe it's can be and with something as Blink-core by some of local companies.. which create more changes for core; And it's not related with certainly banking protection, because there can be missing and web-traffic scanning points. but maybe "connection cut' should to work with another powerful-status).

Highlighted
Superuser

Re: TP136 WINDOWS CLIENT RELEASE

Hello,

 

Also about other strange point. But maybe it's should be like that (so.. I ask certainly about it) and there all OK.

 

Does F-Secure ORSP Engine and F-Secure NIF modules (which can be visible under list of updates) should be re-downloading (?! as can be visible under logs of updates. from Updates-window) after/with next setting:

 

-> Re-change local time for machine/desktop.

For example, from "1:00" (which time "in fact") to "3:00" (which "fake"-time) by default Windows "editing" time.

 

-> With "fake" time should be happened (or manually triggered) check updates.

 

-> Back to normal time (from "3:02" to "1:02" as example) and create a "Check now" (under Updates-window)?

 

After current actions (or part of them)... it will be redownloading/reinstalling ("not in fact" probably) under list of updates... for two current modules. ORSP engine and NIF.

Probably under release-notes was something about re-changes for time-zone and "not updating information" about "latest updates" (not met this before - because usually it was OK?!) - does it related with something about this?

Or current behavior just a random-action?  And nothing important around?

 

Sorry for reply.

Thanks.

F-Secure

Re: TP136 WINDOWS CLIENT RELEASE

Hi @Ukko 

 

Moving clock around should not trigger extra downloads. Can you please create a bug report in beta.f-secure.com.

 

Ville

(F-Secure R&D)