PDA

View Full Version : ESET Untrusted Certificate alert



Geek4414
30-05-2017, 09:07 PM
Has anyone come across this in the past week? A few people have asked about ESET blocking encrypted network traffic with untrusted certificate, one user said it pops up dozens of time through the day. The earlier message was insitez.blob.core.windows.net and the latest message was a long cid followed by .users.storage.live.com Browser used in this case is IE11, other user has been getting such pop up when using Edge as well. None of the users were going to dodgy sites.

In this particular case, all the messages seems to be from Microsoft related domains, do they look like legitimate MS Services traffic?

wainuitech
30-05-2017, 09:19 PM
Can you post the actual address, the ones provide don't really allow any real testing.

What version of Nod do you have, the latest is 10.1.210.0

If you have Version 9 you have to manually download the online installer to upgrade to V10.

Had similar problems with V9 when the SSL/TLS filtering was turned on, disabling it solved the problem. V10 seems to be OK though.

Geek4414
30-05-2017, 09:26 PM
Can you post the actual address, the ones provide don't really allow any real testing.

What version of Nod do you have, the latest is 10.1.210.0

If you have Version 9 you have to manually download the online installer to upgrade to V10.

This user is on ESET NOD version 9, the insitez.blob.core.windows.net is the full address and it was from Chrome

8093

The second one is from IE and have popped up a few dozen times yesterday ...

8094

wainuitech
30-05-2017, 09:46 PM
The address the last ones blocking is Microsoft bingbot. In other words - usually safe.

Geek4414
31-05-2017, 12:04 AM
The address the last ones blocking is Microsoft bingbot. In other words - usually safe.

Ok, I thought it did look like a MS thing. Interestingly when I searched for "users.storage.live.com", I got this page ...

8095

It looks like it has something to do with MS Profile picture, probably something to do with the Office365 portal. This info appears to accuse MS of exposing the user's ID in plain text!

Interestingly that there seems to be a spat of questions regarding these untrusted certificate alerts from different people over the last few days.