Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Microsoft Smart Screen False Positivies - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Microsoft Smart Screen False Positivies

We received a couple of reports about Microsoft's "Smart Screen" flagging harmless sites as malicious. Initially, we considered the possibility of an infected ad service. But it may be a bug in Smartfilter as well.

More details shortly.

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

I will be teaching next: Defending Web Applications Security Essentials - SANS Brussels September 2019

Johannes

3603 Posts
ISC Handler
This happened to some persons in our workplace recently. Only it was happening for IE8 talking to local LAN web servers that our users use for applications. One of the incidents was an IT staffer just trying to access the Symantec Web console for administration purposes. He says it works today. So IE8 maybe updated itself already.
Anonymous
We definitely saw this with an internal site yesterday for most of the morning, but by 1pm PDT yesterday it had been resolved. The @MicrosoftHelps user on Twitter had some references to it yesterday afternoon. It was definitely a change in their engine--my guess was they were tweaking it to detect something related to the new vulnerability from this week. Not sure.
blm

3 Posts

Sign Up for Free or Log In to start participating in the conversation!