FYI: ASUS Routers AiProtection blocks URL from Emsisoft

[fax]

Interesting, clearly a false positive by TrendMicro in Asus Routers. Tried to report to trend but the reporting interface does not recognise the URL as malicious.

 

 

 

 

[GT500]

Are you able to contact ASUS support for your router? I can't be certain, but they may know who or where to send the false positive report to. It's also possible that it's just a bug in the firmware, and could even be fixed in a newer version (assuming your router doesn't try to automatically update its firmware).

[fax]

Normally they direct users to TrendMicro but I have not contacted them.

The fact is that I see no impact on EIS... was just for your information in case you see weird report on connectivity from users.

[GT500]

We only use dl.emsisoft.com for roughly one-third of update attempts. The other two-thirds use cdn.emsisoft.com instead, which is probably why you haven't noticed any issues.

[fax]

Thank you on the details of the servers used. I have reported the false positive to ASUS, lets see what happens...

[fax]

And here you have the Asus response... i.e. you are vulnerable

I give up on my side.

 

Cheers,

 

 

 

Dear Sir,

Thank you for your email.

The link you mentioned is recognised by Trend Micro as vulnerable. This both for the standard Trend Micro as well as the stand alone version for PC.

Therefor the only solutions we can offer is either to turn this off in the router under the AiProtection settings. Or to download this through a different connection.

Hoping to have informed you with this.


With regards,

ASUS TSD

[GT500]

I'll see if I can contact TrendMicro.

[fax]

Thanks! The false positive is triggered when you try to download the emsisoft installers. For example this link; https://www.emsisoft.com/en/software/internetsecurity/download/

[GT500]

Thank you. I have sent an e-mail to what I assume if their support address (they don't appear to publicly mention what e-mail addresses they use for support).