• Toute la Communauté
    • Toute la Communauté
    • Forums
    • Idées
    • Blogs
Avancé

Pas ce que vous cherchiez ? Demandez aux experts !

Remerciements2 Stats

Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

For a couple of months now Norton FW has been flagging updates of Microsoft Apps (pushed by the Win-10 Store) as having invalid digital signatures...

Today was no exception - the Store pushed in several Microsoft App updates:

And within minutes the Norton FW was alerting to Signature problems with the new Apps...

The only apparent meaningful detail for the offending Apps being their relative newness ...

So what offending "Digital Signature" is being referred to here?

FWIW, this is happening on all of my Windows-10 systems as well as those of friends running Windows-10 systems and also having NS installed.

Thanks

Réponses

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

Happens to me from time to time. It is no big deal honestly. You brought this up before. Norton is merely informing you of something that may or may not make sense. Microsoft apps apps get updated which changes the version number. Not many people may not be using the new version who also use Norton  so that is why it says "fewer then 5". But the communication is legit. It is going from your pc to the program and then out to bing. Now if Money.exe was asking to go to "xyz..com" then that would be an issue. Norton is noticing a change and warning you of it. Nothing to be alarmed of. 

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

PatsSoxBruins: Norton is merely informing you of something that may or may not make sense.

 

Remerciements1 Stats

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

Thanks for the quick response and reassurance - but that's not actually the reason for my prior post.

At first I thought the new notification pop-ups may be due to my election of setting three of Norton's "sensitivity settings" to their "Aggressive" position; namely: AV: Sonar Advanced, AV: Heuristic Protection, and FW: Block Traffic for Malicious Applications. FWIW, I have used the Aggressive position on these settings ever since it's been an option in NS (and NIS before NS) to do so.

As a test, I changed those settings to their normal "new product installation" defaults and restarted the system(s), but the pop-ups still occur. Again, these warning notices are a fairly new thing (only happening for the last couple of months, or so). As stated in my initial post (above), these are happening not only on my own Win-10 systems, but I've also been fielding a lot of questions about it happening to friends using the Win-10 + NS combo.

I guess my real question here is why the sudden change in "visibility" for these FW instances from the previous method when (I assume) NS was simply handling these non-events silently.

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

duplicate

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

I have Norton Security 22.8 running on about 20 Windows 10 64-bit machines. I also see this alert you speak of but it does not worry me what so ever. Makes me aware that Norton is watching over my pc for any sudden changes. All my settings are at default except I enable normal boot time protection. 

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

bjm_:

https://community.norton.com/en/forums/norton-vs-microsofts-apps

Thanks for the link bjm_, I'd overlooked that reporting... As best I've been able to tell, it would seem that the Norton Programming Team has thus-far elected to remain silent on this particular topic.

In thinking back on it, (and I'm far from being certain on this, but) this new NS behavior may well have begun commensurate with the latest NS core engine update and/or the switch-over to the SDS-Defs-based detection system - In any case it's (IMHO) a nuisance to be sure.

FWIW, I think that it would be nice if notifications such as these (pop-up notices that automatically time-down to an ultimate default behavior of allow/permit,) had a "silence" option somewhere in the Norton configuration settings.

Cheers!

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

@avjohnnie:

Norton just did its job very well: it will keep asking you or Microsoft for valid digital signatures. There is NO exception.

A digital signature is part of a digital identity. 

Oh, yeap, the old Mr. Money does not have a valid digital signature. You may Google "Bitcoin: Digital signatures".

Then just let those updates go if you have a good understanding of those items.

At least, you're not alone.

PS: "microsoft.msn.money.exe (complete app name here) does not have a valid digital signature." would be better.

PUP Hunter PRO: Just TRYING to save the world (U) from cyber threats, A single blog post, at a time, and ONCE & FOR ALL. (A fan of Nadia_Kovacs)
Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

Okay - So are you saying here that Microsoft's Digital Signing Authority which they use to Digitally Sign the various Metro/ModernUI Apps which they make available through the Microsoft Windows App Store is actually generating and attaching invalid Digital Signatures to these apps? That the Norton warning being popped-up has nothing to do with the "newness" of these app's and/or their updates? Wow - If this is so, why are we not seeing this issue being reported by other security product vendors too? More importantly, why is Windows itself not blocking these supposed invalid apps from executing?

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

I think you are looking way too much into this. Every single security products works differently for starters. Not all Windows apps are made by Microsoft. Norton Firewall was merely giving you a warning. You can choose to either block it or accept it. Based on the outgoing traffic the alert you saw and others see is completely legit. I have seen the same thing several times now across various computers. I click do not show me again and then click ok. Windows firewall is not as granular as Norton's by default. But if you are using Norton Security all your Windows security (except UAC) will be turned off. 

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

If this is so, why are we not seeing this issue being reported by other security product vendors too? More importantly, why is Windows itself not blocking these supposed invalid apps from executing?

> other security vendors and Windows don't abide by Norton's Wisdom of Crowds.  

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

PatsSoxBruins: But if you are using Norton Security all your Windows security (except UAC) will be turned off. 

> except UAC and Windows SmartScreen, and Internet security settings

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

Okay, I can see that I'm somehow failing to get my point across here...

I can certainly agree that these warning pop-ups are (very likely) stemming from "Norton Insight" cautionary detections due to very-low crowd utilization counts of the "NFW flagged" app, but I'm failing to see or understand why these are being labeled as "Invalid Digital Signature" notifications - In my book that's a whole other ballgame because if they actually were invalid signings (meaning, very likely tampered-with execution code,) Windows should be completely blocking their execution. Or am I wrong here?

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

Yeah I forgot about Smart Screen bjm. Norton uses a community to base it's decisions on certain software. I have used every single security product out there and none do this. I am actually running Avast Free and Windows 10 firewall on a couple of computers to test it. But either way the screen shot explains exactly what is going on and that there is no fear or worry. Your pc called up Microsoft Money.exe which is using port 443 to reach out to bing.com. Since Bing is Microsoft's search engine that makes the alert legit. Microsoft Money is going outbound and getting info from Bing to bring back to the user. No need to worry. Again if Microsoft Money.exe was going out to xyz123.com then that would be an issue. Why is Norton all of a sudden warning users about this. Only devs would know but it should make a user feel confident that Norton is protecting their system instead of questioning the activity.

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

PatsSoxBruins:

Yeah I forgot about Smart Screen bjm. Norton uses a community to base it's decisions on certain software. I have used every single security product out there and none do this. I am actually running Avast Free and Windows 10 firewall on a couple of computers to test it. But either way the screen shot explains exactly what is going on and that there is no fear or worry. Your pc called up Microsoft Money.exe which is using port 443 to reach out to bing.com. Since Bing is Microsoft's search engine that makes the alert legit. Microsoft Money is going outbound and getting info from Bing to bring back to the user. No need to worry. Again if Microsoft Money.exe was going out to xyz123.com then that would be an issue. Why is Norton all of a sudden warning users about this. Only devs would know but it should make a user feel confident that Norton is protecting their system instead of questioning the activity.

Thanks PatsSoxBruins - My (intended) point exactly.

But I also (still) feel that the Norton pop-up is mislabeling/misleading the warning detection classification being reported, that is unless the "Digital Signature" being referred to (by the notice) is in-fact a different signature (i.e., perhaps a "Norton Insight Trust" "Digital Signature") that's kept and maintained (perhaps in Norton's detections cloud space) by Symantec/Norton - and has nothing actually to do with the more familiar "Cert Authority Signing System's Digital Signature".  In that case the notice message should be changed for sake of accuracy - and better yet, there should be a way to disable these messages which ultimately time-out to a default of "permitting" the action.

Thanks for all the comebacks and thoughts on this - but I think I'm done now on this particular topic.

Cheers to all ...

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

Hello

Happy Thanksgiving Johnnie

Thanks.

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.18.0.213 Core Firmware 282 I E 11 Chrome latest version.
Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

Hi Flo,

Thank you and a very Happy Thanksgiving to you and everyone else here as well.

Cheers!

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

https://community.norton.com/en/blogs/product-update-announcements/norto...

resolve the issues with the Norton Firewall Alerts for Windows Store apps

PUP Hunter PRO: Just TRYING to save the world (U) from cyber threats, A single blog post, at a time, and ONCE & FOR ALL. (A fan of Nadia_Kovacs)
Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

20750065:

https://community.norton.com/en/blogs/product-update-announcements/norto...

resolve the issues with the Norton Firewall Alerts for Windows Store apps

Thanks for calling attention to the addressed issues specifics in the update notice.

FWIW I had already noticed that the recent engine update seemed to have addressed this particular issue.

Thanks also to Admin Sunil_GA for the confirming Comment on the product-update blog.

Cheers!

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

For a reason that remains a mystery to me, a surprising number of standard Microsoft apps that are installed with Windows are not digitally signed by Microsoft. Examples include live.com, microsoftwindows communication, Windows Store, and certain aspects of Outlook.In addition, certain files of some Microsoft Word functions are not digitially signed.

Remerciements0

Re: Microsoft App Updates (via MS Store) Trigger NS Firewall Warnings

hok:

For a reason that remains a mystery to me, a surprising number of standard Microsoft apps that are installed with Windows are not digitally signed by Microsoft. Examples include live.com, microsoftwindows communication, Windows Store, and certain aspects of Outlook.In addition, certain files of some Microsoft Word functions are not digitially signed.

Quick thought...

Perhaps this (seeming overlook) has something to do with Microsoft's Windows-(8/10) Applications-Support-Framework (sandboxing and execution engine architecture) under which all such Modern-UI code models are required (compelled) to execute... (note that this is purely a guess on my part.)

This thread is closed from further comment. Please visit the forum to start a new thread.