Update VoodooShield Latest

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,006
@danb When using Internet Explorer Mode in Microsoft Edge I get a block/warning for iesettingsync.exe.
I reported it as false positive.
24-9-2021 08:50Gebruiker Toegestaaniesettingsync.exec:\windows\system32\iesettingsync.exe5EAD300DC7E4D637948ECB0ED829A072BD152E17b3080a8e73f05b1139f6315bcead3a726cb6432a33de2ecc189ab371e36025af"c:\windows\system32\iesettingsync.exe"539648iexplore.exec:\program files\internet explorer\iexplore.exe
 

Gangelo

Level 5
Verified
Jul 29, 2017
211
Guys, is anyone else having issues with onedrive updater being blocked on your systems? I have been having this issue since I started using Voodooshield and every time I unblock and report as false positive. I really like the software but blocking essential windows functions is giving me a bad taste. So much that I do not think I will renew my Pro license after expiry..
 

Attachments

  • Capture.PNG
    Capture.PNG
    87.5 KB · Views: 72
  • Capture2.PNG
    Capture2.PNG
    93.2 KB · Views: 72

Gangelo

Level 5
Verified
Jul 29, 2017
211
there needs to be a trusted vendors list or a full scan scan function to build up the whitelist for safe files instead of the broken rules settings.
I don't know what needs to be done, I am not a developer. I do not mind the occasional script blocking but this is unacceptable. And obviously no-one is reading the 'false positive' reports, I have been reporting this thing for a VERY long time. Highly disappointing.
 

oldschool

Level 62
Verified
Mar 29, 2018
5,121
Guys, is anyone else having issues with onedrive updater being blocked on your systems? I have been having this issue since I started using Voodooshield and every time I unblock and report as false positive. I really like the software but blocking essential windows functions is giving me a bad taste. So much that I do not think I will renew my Pro license after expiry..
IDK about OneDrive but many M$ files are unsigned, which is a "sign" of their devotion to security. ;) :LOL:
 

danb

From VoodooShield
Verified
Developer
May 31, 2017
993
@danb When using Internet Explorer Mode in Microsoft Edge I get a block/warning for iesettingsync.exe.
I reported it as false positive.
24-9-2021 08:50Gebruiker Toegestaaniesettingsync.exec:\windows\system32\iesettingsync.exe5EAD300DC7E4D637948ECB0ED829A072BD152E17b3080a8e73f05b1139f6315bcead3a726cb6432a33de2ecc189ab371e36025af"c:\windows\system32\iesettingsync.exe"539648iexplore.exec:\program files\internet explorer\iexplore.exe
Thank you for the info... can you please email me a link to a website that requires IE so I can reproduce the block?
 

danb

From VoodooShield
Verified
Developer
May 31, 2017
993
Guys, is anyone else having issues with onedrive updater being blocked on your systems? I have been having this issue since I started using Voodooshield and every time I unblock and report as false positive. I really like the software but blocking essential windows functions is giving me a bad taste. So much that I do not think I will renew my Pro license after expiry..
It looks like maybe MS changed some command lines or something so I will need to update them, no biggie. And yeah, I am behind on the false positives because I have been working on DefenderUI.

Keep in mind, VS is not designed to be totally silent, it is designed to be true deny by default. There are plenty of pseudo zero trust products on the market, and many rely heavily on trusted vendors lists, which VS will never implement because it is not secure. I simply wanted a no compromise zero trust product, and it is okay to be different. If you want something less aggressive, either change VS's security posture or put it on AutoPilot.
 

carl fish

Level 6
Verified
Mar 6, 2012
277
It looks like maybe MS changed some command lines or something so I will need to update them, no biggie. And yeah, I am behind on the false positives because I have been working on DefenderUI.

Keep in mind, VS is not designed to be totally silent, it is designed to be true deny by default. There are plenty of pseudo zero trust products on the market, and many rely heavily on trusted vendors lists, which VS will never implement because it is not secure. I simply wanted a no compromise zero trust product, and it is okay to be different. If you want something less aggressive, either change VS's security posture or put it on AutoPilot.
VS being a true default deny makes sense because like you say there are a few zero trust products that work this way and i'm sure they would let malware or adware through sometimes
 
Last edited:

Gangelo

Level 5
Verified
Jul 29, 2017
211
It looks like maybe MS changed some command lines or something so I will need to update them, no biggie. And yeah, I am behind on the false positives because I have been working on DefenderUI.

Keep in mind, VS is not designed to be totally silent, it is designed to be true deny by default. There are plenty of pseudo zero trust products on the market, and many rely heavily on trusted vendors lists, which VS will never implement because it is not secure. I simply wanted a no compromise zero trust product, and it is okay to be different. If you want something less aggressive, either change VS's security posture or put it on AutoPilot.
I am always on Autopilot (Aggressive Posture) and with Whitelistcloud on.
I do not expect Voodooshield to be silent, what I do expect is OS and essential system functions not to be blocked.
No offence but I don't think this is unreasonable.
 

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,006
Thank you for the info... can you please email me a link to a website that requires IE so I can reproduce the block?
It doesn't mater which website you choose, it is a block caused by Internet Explorer Modes in Edge.
For example, if you try to open your website VoodooShield™ - The User-Friendly Toggling Computer Lock. in Internet Explorer Modus you get the same block.
Of course when you allowed iesettingsync.exe you don't get that block anymore.

Schermafbeelding 2021-09-26 121405.png
 
Top