Updates to secure website filtering
ESET Customer Advisory 2015-0001
July 13, 2015
Product module improvements that are now available for users with pre-release updates enabled allow you to block secure (https) websites based on their domain without the need to enable SSL protocol scanning.
This update allows these sites to be blocked with SSL protocol scanning disabled and provides an additional layer of security when using secured connections with SSL scanning enabled. In addition, SSL security has been improved by:
- disabling SSL v.3 if a later version can be used in order to prevent attacks that were executed and demonstrated against an older SSL version
- disabling less secure ciphers if the client OS can handle them
- adding support for TLS 1.2 in Firefox
- support of TLS up to 1.2 even if the application does not support it
- compatibility with older SSL servers,
proper loggin of errors when enabling and disabling SSL filtering.
In addition to this new functionality, Internet Protection Module 1207 also includes fixes to other issues reported by customers.
If you would like to try out these new features at this time, you must enable pre-release updates in your ESET product. We suggest that users with large networks enable pre-release updates on a small number of client computers before applying these changes network-wide. After receiving the latest pre-release update, we recommend that you monitor the behavior of client computers that have received the update so that you can submit any feedback you have to ESET.
Affected Programs and Versions
- ESET Endpoint Security & ESET Endpoint Antivirus for Windows
- ESET NOD32 Antivirus & ESET Smart Security version 5.x and later for Windows
ESET File Security for Microsoft Windows Server version 6.x
Feedback and Support
If you have feedback or questions about the latest pre-release updates, please contact us using the ESET Security Forum, or via local ESET Support.
- Version 1.2 (July 17th, 2015): Correction of information reflecting recent ESET program module changes
- Version 1.1 (July 13th, 2015): Advisory changed to inform about changes in modules that will be released from the pre-release channel to the release one.
- Version 1.0 (July 10th, 2015): First version