bzib and deff.nelreports Phishing Protection

Risque

(msedge.exe attempted to establish a connection relying on an expired certificate to deff.nelreports.net. We blocked the connection to keep your data safe since websites must renew their certificates with a certification authority to stay current, and outdated security certificates represent a risk.)

This problem hasn't gone away, I've also reported to MS.

A fix has been posted on an earlier post, but I ran Winsecurity.diagcab and it reset phishing protection which had been turned off.

My system is running Windows 11 Pro insider preview evaluation 23585.1001 with VPN, bitlocker & bitdefender

Gjoksi

Hello.

This is a known issue.

OS Windows 10 Pro 22H2 x64 With Latest Windows Updates Installed; Installed On 18.01.2023; OS Build 19045.3636; Experience Windows Feature Experience Pack 1000.19053.1000.0; BD Total Security 27.0.23.112; Mozilla Firefox 119.0.1 x64; Microsoft Edge 119.0.2151.58 x64

It happened ONLY with Microsoft Edge, but NOT on Mozilla Firefox.

The same moment i started/opened Microsoft Edge with start page Google, the pop-up notification in the lower right corner appeared.

Obviously, the website's certificate has expired, that is problem with the website and Bitdefender is detecting that problem.

But, there is a solution/workaround, checked by myself and it worked for me:

1. Click Protection on the navigation menu on the Bitdefender interface.

2. In the Online Threat Prevention pane, click on Settings.

3. Click on Manage exceptions.

4. Click on + Add an Exception.

5. Type in the corresponding field this text: https://bzib.nelreports.net/api/report?cat=bingbusiness

6. Enable the switch next to Online Threat Prevention.

7. Click Save to save the changes and close the window.

And say good-bye to the annoning pop-ups. :)

@Alexandru_BD @Mike_BD @camarie Guys, anything to add here?

Regards.

Gjoksi

Hello again.

This is the e-mail i got from Bitdefender Consumer Support:

"Hello, 

Please accept my apologies for our delayed response and thanks for your reply.

Microsoft owns the domain, and the SSL certificate recently expired, but there is no danger of malware or harm to your device.

This notification is triggered by the Online Threat Prevention module whenever the website you are trying to access doesn't have an SSL certificate(HTTPS) and that is not safe to access it. 

This alert appears when you try to visit a secured website (HTTPS) with an invalid security certificate. It tends to be websites with lots of ads, such as news websites, and analytics companies with an expired certificate trying to establish a connection. If you wish, you can check their SSL certificates at https://www.sslshopper.com/. 

We understand that several community members have raised concerns about the Certificate issue on Microsoft forums, and most probably they are working on a resolution and will release a fix very soon.

https://answers.microsoft.com/en-us/microsoftedge/forum/all/what-is-bzibnelreportsnet-and-deffnelreportsnet-in/747c0517-f9d5-4ab6-b11f-cce0defd5f50?page=3

For further information, please contact the Microsoft Support Team.

https://support.microsoft.com/en-us/contactus/

Looking forward to hearing from you. 

Have a great day!  

Best regards,

Cosmin I.

Technical Support Engineer"

Alexandru_BD

Hello,

In addition to the insightful information above, there's also a new support article that explains what actually happens:

https://www.bitdefender.com/consumer/support/answer/97472/

Regards