Hi,
Has anyone get any ideas why Bitdefender would be reporting that Fiddler is trying to access a dangerous page?
Infected web resource detected
now
Feature:
Online Threat Prevention
We blocked this dangerous page for your protection:
http://telerik-fiddler.s3.amazonaws.com/fiddler/FiddlerSetup.exe
Accessed by: Fiddler.exe
Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent.
Is it just that it's trying to access an .exe?
Thanks
Thierry
9 Answers, 1 is accepted
Rank 1
I'm getting the same, but have been successfully updating previously (i.e. it's not just because it's an exe)
Perhaps it has been flagged by someone as dangerous?
Rank 1
Rank 1
Rank 1
No problem.
Apparently it takes 72 hours to go through the automated test environment to confirm it’s clean and is rolled out as a BD signature update, so update BD after Friday and then hopefully it should come down
Thank you for submitting this to the BitDefender team. I also believe it is false positive as I tested the provided link and was able to download it without any issues. Another option to try is BitDefender's Exception List.
Since BitDefender is testing it now, please keep us posted here on the outcome. Let me know if you have any other questions. Thanks again!
Regards,
Eric R
Progress Telerik
Rank 1
Hi Eric
No problem. I actually compared the URL to the manual download URL and it's identical, and BitDefender does allow that to be downloaded (so Thierry - try downloading it manually instead if you need it sooner)
I think the problem may be the download of an executable being initiated from Fiddler, in which case BitDefender may whitelist the URL just to find it's already considered safe and so ignore the request, but still block Fiddler from download it
We'll have to see
Rank 1
Hi again
I did just notice there is one difference in the URLs, and BitDefender doesn't like the one that Fiddler uses:
Fiddler attempts to download using this URL: http://telerik-fiddler.s3.amazonaws.com/fiddler/FiddlerSetup.exe
The manual download location is this https://telerik-fiddler.s3.amazonaws.com/fiddler/FiddlerSetup.exe
(i.e. manually it is over https, but Fiddler is going over http)
If I try to download using http, even manually, BitDefender blocks it, but it's happy with the https version.
Could you please let the Fiddler developers know so future updates use the https URL? It would be safer anyway, and was probably switched for a reason anyway, so it would complete that switch
Thanks!
Not a problem. I created a new issue for this. Keep an eye out for it in the Release Notes.
Please let me know if you have any additional questions. Thanks again for your help with this isolating this.
Regards,
Eric R
Progress Telerik
Rank 1
I will try to download it directly this evening.
Again, much appreciated
T.