msedge.exe keeps trying to open to open connection relying an expired certificate to bzib.nelreport

I can see many people having the same problem with msedge.exe trying to open connection with an expired certificate bzib.nelreports.net

I am not very computer savvy and would appreciate and advice on how to fix this issue,

I did open a website with an expired certificate yesterday, the website was curleysdining rooms.co.uk

Thank you

George.

Best Answer

  • camarie
    camarie Principal Software Developer BD Staff
    Answer ✓

    Edge is doing telemetry and contacts two "defunct" services (dating back to Internet Explorer/MSN era - or at least so are described by MS support). These services are not used anymore (one of them is something called Browser internet connectivity or so) and looks abandoned, hence their certificates not being renewed. But Edge most likely still has code invoking them, and the Online Threat component saw the traffic to such an endpoint with an expired certificate. Such thing should not happen, but yet they do. IMHO the alert, although it might annoy the end user, is legitimate and benign, those two sites (bzib.nelreports.net and deff.nelreports.net) indeed belong to Microsoft.

    Both sites have their certificate still expired as of this moment.

Answers

  • Gjoksi
    Gjoksi Defender of the month mod

    Hello.

    I'm also having the same issue and waiting for a reply from Consumer Support.

    I also told them that there are a lot of users with the same issue.

    So far, no news from them.

    You could also contact Bitdefender Consumer Support by chat, telephone or e-mail:

    Chat is the fastest way to get in touch with Bitdefender Consumer Support.

    Select: Prevention & Threat Removal -> Windows -> Threat Removal, click on Contact Support in the black box and then click on Chat 24/7.

    NOTE: Bitdefender telephone support is not toll-free!

    That is what i did.

    Regards.

  • Hello.

    I'm also having the same issue :

  • Geraard
    Geraard
    edited November 2023

    I have theory, it has to do with how SSL protocols work.

    The change of time into the past for 1 hour on Sunday, might be responsible for this.

  • Flexx
    Flexx mod
    edited November 2023

    I am also receiving multiple notifications triggered while connecting to Microsoft Edge Chromium

    As checked, both websites are no longer live

    https://sitecheck.sucuri.net/results/bzib.nelreport.net

    https://sitecheck.sucuri.net/results/deff.nelreport.net

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Please let us know if you got an answer or when there is a fix from BD for this issue :)

  • I'm another name to add to the list of people who are receiving this message HOWEVER I noticed that MSEdge had become (somehow) installed twice on my laptop. So I have deleted both as per advice given from a post in the MS help website. The post also recommended using Firefox to reinstall MSEdge program to avoid future complications. Could Bitdefender please tell us if uninstalling and reinstalling MSEdge using Firefox is a solution that will stop this message from reoccurring.

  • Gjoksi
    Gjoksi Defender of the month mod

    Hello.

    OS Windows 10 Pro 22H2 x64 With Latest Windows Updates Installed; Installed On 18.01.2023; OS Build 19045.3636; Experience Windows Feature Experience Pack 1000.19053.1000.0; BD Total Security 27.0.23.112; Mozilla Firefox 119.0.1 x64; Microsoft Edge 119.0.2151.58 x64

    It happens ONLY with Microsoft Edge, but NOT on Mozilla Firefox.

    The same moment i start/open Microsoft Edge with start page Google, the pop-up notification in the lower right corner appears.

    Obviously, the website's certificate has expired, that is problem with the website and Bitdefender is detecting that problem.


    But, there is a solution, checked by myself and it worked for me:

    1. Click Protection on the navigation menu on the Bitdefender interface.

    2. In the Online Threat Prevention pane, click on Settings.

    3. Click on Manage exceptions.

    4. Click on + Add an Exception.

    5. Type in the corresponding field this text: https://bzib.nelreports.net/api/report?cat=bingbusiness

    6. Enable the switch next to Online Threat Prevention.

    7. Click Save to save the changes and close the window.

    And say good-bye to the annoning pop-ups. :)

    @Alexandru_BD @Mike_BD @camarie Guys, anything to add here?

    Regards.

  • Gjoksi
    Gjoksi Defender of the month mod

    Hello again.

    This is the e-mail i got from Bitdefender Consumer Support:

    "Hello, 

    Please accept my apologies for our delayed response and thanks for your reply.

    Microsoft owns the domain, and the SSL certificate recently expired, but there is no danger of malware or harm to your device.

    This notification is triggered by the Online Threat Prevention module whenever the website you are trying to access doesn't have an SSL certificate(HTTPS) and that is not safe to access it. 

    This alert appears when you try to visit a secured website (HTTPS) with an invalid security certificate. It tends to be websites with lots of ads, such as news websites, and analytics companies with an expired certificate trying to establish a connection. If you wish, you can check their SSL certificates at https://www.sslshopper.com/

    We understand that several community members have raised concerns about the Certificate issue on Microsoft forums, and most probably they are working on a resolution and will release a fix very soon.

    https://answers.microsoft.com/en-us/microsoftedge/forum/all/what-is-bzibnelreportsnet-and-deffnelreportsnet-in/747c0517-f9d5-4ab6-b11f-cce0defd5f50?page=3

    For further information, please contact the Microsoft Support Team.

    https://support.microsoft.com/en-us/contactus/

    Looking forward to hearing from you. 

    Have a great day!  

    Best regards,

    Cosmin I.

    Technical Support Engineer"

  • Thanks for this answer, finally warnings are gone 😀 👏