To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

dl.delivery.mp.microsoft.com cache site marked as harmfull

Options
Jan-Eric
Jan-Eric W/ Member Posts: 11 Cyber Knight

Microsoft seems to have outsourced their updates distribution and this gets blocked.

How do I allow this traffic as it's a IP address that's changing?

WithSecure Elements Endpoint Protection har nya identifieringar:
Tid|Konto|Värd|Infektion|Åtgärd|Typ|Infekterat objekt|Infekterat objekt SHA1
fre, 10 maj 2024 19:58:48 UTC|xxxxx|xxxxx|hxxp://151.139.186.70/filestreamingservice/files/958e01e9-b772-4ce0-afae-451ac416cb3f/pieceshash?cacheHostOrigin=dl.delivery.mp.microsoft.com|Blocked|Web_traffic_scanning.content_type.block|None|

Answers

  • JamesC
    JamesC W/ Partner, W/ Staff, W/ Moderator Posts: 521 Moderator
    Options

    Hi @Jan-Eric

    My sincere apologies for the inconvenience and thank you for reaching out to WithSecure Community.

    Our detection team have now fixed the URL to be clean.

    Do check this and let us know if issue persists.

  • Jan-Eric
    Jan-Eric W/ Member Posts: 11 Cyber Knight
    Options

    There are more IPs and cacheOriginHosts but Microsoft doesn't publicly list their cache IPs. But fot thr moment they all seems to originate from 151.139.186.x subnet.
    hxxp://151.139.186.28
    hxxp://151.139.186.38
    hxxp://151.139.186.41
    hxxp://151.139.186.42
    hxxp://151.139.186.71
    hxxp://151.139.186.74
    cacheHostOrigin=msedge.f.dl.delivery.mp.microsoft.com|
    cacheHostOrigin=officecdn.microsoft.com
    cacheHostOrigin=download.windowsupdate.com