Edge extension suspicious connection

Copper Contributor

Hello, I use Bitdefender and keep getting the following text notification when i open edge..

"

Suspicious connection blocked
6 minutes ago
Feature: Online Threat Prevention
msedge.exe attempted to establish a connection relying on an expired certificate to extensionwebstorebase.edgesv.net. We blocked the connection to keep your data safe since websites must renew their certificates with a certification authority to stay current, and outdated security certificates represent a risk.Add to exceptions

 

I contacted Bitdefender and no fix could be suggested.

Any of you guys know what may be causing this, it is a bitdefender notification but only comes up as soon as I open Microsoft Edge.

Here is a screenshot of it.

 

Capture.PNG

 

Thanks.

14 Replies

This issue has been widely reported in the last week or two.

According to responses in other discussions concerning the issue:

(1) The extensionwebstorebase.edgesv.net domain is obsolete, which is why Microsoft allowed the certificate to expire.
(2) Edge, for whatever reason, still calls to the domain with respect to some extensions.
(3) The Edge Team is pushing an Edge update to eliminate the issue, without an ETA known at this time. 

 

Unless you are willing to work through your extensions one by one attempting to find the culprit(s), I suspect your choices at this point are to (a) whitelist the extensionwebstorebase.edgesv.net domain in Bitdefender or (b) put up with the error message until the necessary changes have been made in Edge.

@tomscharbach - It's now been almost 6 months since I first saw this reported. It would seem Microsoft for some unknown reason has decided this isn't important enough to them, to fix. For all of us who believe security is very important this isn't expectable. It sure is good to know that most if not all of the other web browsers I've tested don't seem to have this problem. I really like Brave, Firefox, Chrome, etc.. While Microsoft really does have some good applications their web browser needs some tune-ups.

Agree, very annoying and completely unnecessary if Microsoft would just roll out an update to fix this.
MY bitdefender keeps telling me msedge.exe attempted to establish a connection relying on an unmatching security certificate. I would have expected MS would have fixed this by now.

@JD6800 ,

 

So uninstalling msedge is the only solution? Why would this do not happen with other browsers?

I finally just allowed it as safe on Bitdefender a few weeks ago and haven't seen it since and have no problems with my computer.

The same today and on the 07/30/2022.
I have chosen the solution of rhonda90402.
It is quite boring to have to write several times about such subject.
We have many things to do elsewhere.
Best regards,
Trebly (here Trebly but Trebly_auth on others MS Community... doubled?)
Trebly,
No issues still on my computer since I allowed it still in late June/early July.

DrJ932485@rhonda90402 

 

I get that same error message using microsoft edge. I'm serious considering trashing the edge browser

@JD6800  I have similar problem but for other link, every time I launch edge it establishes a connection which Bitdefender blocks due to certificate license expired. what's even more puzzling is the fact that I don't have any extension enabled nor did I ever use that link in my life!

My questions to Microsoft:
First: Why does edge automatically establish connection without a user consent?! this is a major security vulnerability!
Second: where this link establishment happens??!! I googled the site ("www.ahlalloghah.com") which appears to be something I never used in my life.. How on earth did that site link itself to my edge browser?? btw, I have no viruses.

It's surprising that such an issue is still open for 4 months and no one in Microsoft cares to solve it. I searched the internet for a solution, and nothing is found! 

I need explanation and a solution, otherwise I have to ditch Edge for having such a major security hole without any update that fix this error. With such incompetency, I don't feel confident anymore that Edge can cope with the many security threats that is out there on the internet.

@JD6800 

Same here, just switched back to Bitdefender TS version 26.0.35.174 on Windows 11 Pro X64 recently and I too have the problem you described. Most annoying! Oddly enough no blocked connections when I run VPN? 

 

Hey Microsoft get rid of code.yengo.com

The problem still exists. The option chosen by several people here of whitelisting extensionwebstorebase.edgesv.net as a workaround is far from ideal because you are allowing an SSL connection with an expired certificate.

Only option I see is to continue allowing BitDefender (or whatever Antivirus app you have) to block the connection. Unfortunately this means an annoying alert everytime Edge is started. For those without an app that detects and blocks the connection they are at risk.

If a component of Edge is making the connection and the server is redundant then Edge should be updated accordingly.

@sc00ber Further digging I traced down a core isolation problem in my computers security. It was a bad driver that had to be removed with PowerShell, in short a full reinstall was required. 
That said I also had to download windows defender from the Microsoft Store to prevent my core isolation details from being randomly turned off due in part from my home page being msn.com. Therein lies another issue of msn.net being located using wireshark/fiddler combo to track down the bad actors.

HTH and thank you for further elaboration,sc00ber.