SOLVED

Smartscreen not working after Update to 103.0.1264.49

Occasional Contributor

Hello,


after I upgraded from 102.0.1245.41 to 103.0.1264.49, Smartscreen doesn't work anymore and downloads are displayed after about 20 seconds.

 

With 103.X no warnings are shown at https://demo.smartscreen.msft.net, but with 102.X I get some. The error also occurs in Beta (104.0.1293.25) and Dev (105.0.1321.0).

 

The problem only seems to occur on a terminal server farm (Server 2016 + Citrix virtual Apps and Desktops CU5) and VDI environment (Windows 10 + Citrix virtual Apps and Desktops CU5). Windows Defender is disabled as we are using Sophos AV.

 

As soon as I start a test at https://demo.smartscreen.msft.net, or download a file, the process swi_fc (Sophos Web-Protection) tries to connect to various IPs ( for example 20.67.219.150, 20.73.130.64, 20.86.849.62). Port 443 is used.


When I disable Sophos Web-Protection, MSEdge initiates the same connections.

 

In both cases, the connection is not opened via proxy. Sophos or Edge try to open the connections directly. However, this is forbidden in our system, which is probably the reason for the 20 second timeout on downloads.

 

If I set
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\NewSmartScreenLibraryEnabled = 0
the error is gone. Warnings and downloads work again and I don't see any failed connections from swi_fc or msedge. However, with Edge 105, the old library is no longer delivered. So this is not a permanent solution. https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnote-stable-channel#version-1020124550...

 

Allowing direct connections via port 443 also fixes the problem.

 

Does anyone have any ideas what I could do?

7 Replies

@Krinto1100 Hello!  Thanks for reaching out!  I just spoke to the team and this is a known issue they are working on resolving.  For the time being, please continue to use the NewSmartScreenLibraryEnabled policy as a temporary mitigation.   

 

I don't currently have an ETA for the fix but I'll try to update this thread when more information is available.  Thanks! 

 

-Kelly

@Kelly_Y thanks a lot for your fast response. I'm very happy that the problem is not on our site. 

Can you explain to my why this only happens on specific systems?

 

Any update on the fix for this? We too are getting this and are having to revert back to the old libraries that honor Proxy.
Today I updated edge to 104.0.1293.47 on our RDS. Sadly, the problem is still there.
Can you give me a quick update on this, please?

What should we do if the issue is not solved with 105 and the old library is no longer delivered? Disable SmartScreen is not a good option.
For now setup a GPP or batch or whatever mechanism to get your computers to use the old libraries
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\NewSmartScreenLibraryEnabled = 0
I have the GPO in place. But I don't know what will happen with 105, then the library is "deprecated". Does that mean that the library will no longer be availible and we must use the new one?
best response confirmed by Krinto1100 (Occasional Contributor)
Solution

Hi Everyone - The team is actively working on a fix for this issue and the plan is to have it deployed before Microsoft Edge v105 is deployed.  Hopefully we will have some updates shortly.  Thanks for your patience! 

 

-Kelly