Emet 4.0 Message On Ez-b Community

 
#1

Don't know if this means a lot but I keep getting this pop-up when opening Community posts.


User-inserted image

EDIT: Rich found out the cause of this and it is internal to EMET and my PC.

#2

It's your browsers security picking up the like and share buttons as facebook, and it doesn't see facebook as a safe website. What browser is it?

EDIT: Here's EMET 4.0. your problem is the certificate trust. You don't have a certificate for facebook.

technet.microsoft.com/en-ca/security/dn283932.aspx

#3

Quote: "Certificate Trust

The Certificate Trust feature allows you to configure a set of SSL certificate pinning rules to validate digitally signed certificates (SSL/TLS certificates) while browsing. This feature has been introduced to detect man-in-the-middle attacks that leverage fraudulent SSL/TLS certificates. It allows you to configure a set of rules able to match specific domains (through their SSL/TLS certificates) with the corresponding known Root Certificate Authority (RootCA) that issued the certificate. When EMET detects the variation of the issuing RootCA for a specific SSL certificate configured for a domain, it will report this anomaly as an indicator of a potential man-in-the-middle attack. EMET 4.0 also comes with a pre-defined set of rules that aim to detect Man in the Middle attacks in Microsoft and other popular online services, such as Twitter, Facebook, and Yahoo!."

Your predefined set of rules for facebook doesn't match the one in the like button at the top. Not sure how to fix it.

#4

You'll probably need to add an exception or rule somewhere in EMIT for facebook's like and share buttons, you will get the same errors on any sites which have the like and share buttons as they are displayed on a site that is not facebook so the whole "man in the middle" thing jumps in.

I've not used, nor do I plan on using EMET (at least not at the moment), generally you will find some of these protection programs are a lot more trouble than they are worth.

Edit: Have a read of this blog - http://blogs.technet.com/b/srd/archive/2013/05/08/emet-4-0-s-certificate-trust-feature.aspx

#5

Thanks Rich, very helpful. This just started with IE 11.0