Forum Discussion
Smartscreen not working after Update to 103.0.1264.49
Hello,
after I upgraded from 102.0.1245.41 to 103.0.1264.49, Smartscreen doesn't work anymore and downloads are displayed after about 20 seconds.
With 103.X no warnings are shown at https://demo.smartscreen.msft.net, but with 102.X I get some. The error also occurs in Beta (104.0.1293.25) and Dev (105.0.1321.0).
The problem only seems to occur on a terminal server farm (Server 2016 + Citrix virtual Apps and Desktops CU5) and VDI environment (Windows 10 + Citrix virtual Apps and Desktops CU5). Windows Defender is disabled as we are using Sophos AV.
As soon as I start a test at https://demo.smartscreen.msft.net, or download a file, the process swi_fc (Sophos Web-Protection) tries to connect to various IPs ( for example 20.67.219.150, 20.73.130.64, 20.86.849.62). Port 443 is used.
When I disable Sophos Web-Protection, MSEdge initiates the same connections.
In both cases, the connection is not opened via proxy. Sophos or Edge try to open the connections directly. However, this is forbidden in our system, which is probably the reason for the 20 second timeout on downloads.
If I set
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\NewSmartScreenLibraryEnabled = 0
the error is gone. Warnings and downloads work again and I don't see any failed connections from swi_fc or msedge. However, with Edge 105, the old library is no longer delivered. So this is not a permanent solution. https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnote-stable-channel#version-1020124550-june-23
Allowing direct connections via port 443 also fixes the problem.
Does anyone have any ideas what I could do?
- Hello all. Thank you for your patience. I'm the Product Manager for Smartscreen in Microsoft Edge and I want to provide a quick update. We've developed a fix to address this issue, and we're in the final stages of testing and validation before shipping to all customers. The fix will be available starting edge v104 and on later releases.
The NewSmartScreenLibrary policy is still available and will remain available until we're confident the issue has been resolved. The plan as of now is to deprecate it in v107. More details to come later on. https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#newsmartscreenlibraryenabled
- AndresPicoMicrosoftHello all. Thank you for your patience. I'm the Product Manager for Smartscreen in Microsoft Edge and I want to provide a quick update. We've developed a fix to address this issue, and we're in the final stages of testing and validation before shipping to all customers. The fix will be available starting edge v104 and on later releases.
The NewSmartScreenLibrary policy is still available and will remain available until we're confident the issue has been resolved. The plan as of now is to deprecate it in v107. More details to come later on. https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#newsmartscreenlibraryenabled- Krinto1100Copper ContributorThank you for the update. Fixing the issue and keeping the NewSmartScreenLibrary policy for some additional month in place looks like the best solution.
- PackerBackerBrass ContributorI see Version 104.0.1293.70: August 25, 2022 came out yesteday...
however the release notes do not pinpoint this fix. Can the stable channel be updated to refclect the smartscreen fix?- TinzouCopper ContributorI updated to 104.0.1293.70 and removed the NewSmartScreenLibrary GPO Setting today.
The issue actually seems to be resolved.
- Kelly_YMicrosoft
Krinto1100 Hello! Thanks for reaching out! I just spoke to the team and this is a known issue they are working on resolving. For the time being, please continue to use the NewSmartScreenLibraryEnabled policy as a temporary mitigation.
I don't currently have an ETA for the fix but I'll try to update this thread when more information is available. Thanks!
-Kelly
- Krinto1100Copper Contributor
Kelly_Y thanks a lot for your fast response. I'm very happy that the problem is not on our site.
Can you explain to my why this only happens on specific systems?
- PackerBackerBrass ContributorAny update on the fix for this? We too are getting this and are having to revert back to the old libraries that honor Proxy.
- Krinto1100Copper ContributorToday I updated edge to 104.0.1293.47 on our RDS. Sadly, the problem is still there.
Can you give me a quick update on this, please?
What should we do if the issue is not solved with 105 and the old library is no longer delivered? Disable SmartScreen is not a good option.- PackerBackerBrass ContributorFor now setup a GPP or batch or whatever mechanism to get your computers to use the old libraries
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\NewSmartScreenLibraryEnabled = 0
- Ricky_SCopper ContributorHello,
just upgraded to stable version 104.0.1293.63 and removed the workaround (NewSmartScreenLibraryEnabled = 0) and the problem seems to be fixed.
can anyone confirm, please- PackerBackerBrass ContributorAny official word from Microsoft about the fix with SmartScreen and proxies yet?
- Ricky_SCopper ContributorUnfortunately, no. Not even in the release notes
- Krinto1100Copper ContributorHello,
sadly, I can't confirm. I updated edge to 104.0.1293.63 and removed HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\NewSmartScreenLibraryEnabled or set it to 1. In both cases, smart screen didn't work.
Can you redo the test? Can't imagine that it is fixed in your environment but not in mine.
Just a short question: Are there only CVAD (RDS + Citrix) or VDI systems effected in your environment?- Ricky_SCopper ContributorHello,
Thank you for your comment. I made a mistake during testing and I apologize for the incorrect statement. Our environment is behind a proxy server and the new smart screen library is no longer working or is working very slowly. In the home office, we have a direct connection and therefore no problems:
We are still waiting for a solution from Microsoft.