We received a couple of reports about Microsoft’s Smart Screen flagging harmless sites as malicious. Initially, we considered the possibility of an infected ad service. But it may be a bug in Smartfilter as well. Some reports on twitter [1] show that the problem has been resolved.
Please let us know if you have sample URLs that are still affected.
To disable smart screen:Select Internet Options from the Toolsmenu. Select the Advanced tab and find the Enable SmartScreen Filter setting (about the 10th item from the bottom. Scroll all the way down). Needless to say: This will also remove the smart screen protection from real-evil sites, not just from appear-to-be-evil-to-smartscreen-today sites. The setting should only be changed if you can’t wait for the problem to be fixed.
[1] http://twitter.com/#!/search/%23smartscreen
——
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
View full post on SANS Internet Storm Center, InfoCON: green
Related Posts
- PSN update now live across the U.S., go change your password now
In case you missed it — and you very well might have considering what time this ball got rolling — Sony has officially flipped the switch on the PlayStation Network, restoring service in a limited... - Silverlight Update Available, (Thu, Apr 21st)
Microsoft has issued a security patch for Silverlight KB2526954. It fixes several security issues. However, the Microsoft link to KB2526954 is still not live. If you have Microsoft update running, it ... - Infiltrate 2011 and Offensive Security
Security researchers from around the world are digesting the weekend's fare at Infiltrate2011, organized by security outfit Immunity. "No policy or high-level presentations, just hardcore thought-prov... - KB2506014 kills TDL4 on x64
Not so long ago, Microsoft released a security patch addressing the way Windows x64 operating systems check integrity of the loaded modules. In our recent report (The Evolution of TDL4: Conquering x64... - Adobe to Patch Flash Zero Day on Windows, Mac on Friday
Adobe is planning to patch the recently disclosed Flash Player vulnerability on Friday for users on Windows, Mac OS X and Linux. The vulnerability is being used in targeted attacks right now that use ... - Analysis of the New Adobe Flash Attacks
When Adobe warned customers earlier this week about a newly discovered vulnerability in the Flash Player software, company officials said that there were already attacks underway against the bug. Thos... - New Zero-Day Attack in Adobe Products (CVE-2011-0611)
Last month, Adobe had released a security advisory and a product update about a critical flaw affecting Flash Player versions and a vulnerable component, authplay.dll, of Adobe Reader and Acrobat that... - Samsung rootkit was a Vipre false positive
http://sunbeltblog.blogspot.com/2011/03/samsung-laptops-do-not-have-keylogger.html That is all well and good, but what about this claim on networkworld.com: “The supervisor who spoke with me was ... - Building Reputation with Microsoft Security Essentials
Internet Explorer 9 includes a great new application reputation feature driven by SmartScreen. As described in this Building Reputation blog post by Ryan Colvin, SmartScreen uses file hashes an... - Patchday: Fresh releases from Microsoft and Google
As announced last Friday, Microsoft released 3 Security Bulletins which deal with patches for 4 security vulnerabilities. One of them is rated critical and resides within the DirectShow framework for ...
Posted on 06 November 2010. Tags: False, Microsoft, Positivies, Screen, Smart
