Comments on: HTTP Acrobat PDF Suspicious File Download - False Positives

By: Felix J

Felix J — Thu, 03 Dec 2009 10:52:57 +0000

It was happened in the past So, for the current time, norton has fixed that issue…

By: LefPisyunfiny

LefPisyunfiny — Thu, 26 Nov 2009 10:05:06 +0000

Hello.
more links for that topic?
And Bye.

By: Felix J

Felix J — Fri, 12 Dec 2008 13:32:36 +0000

@Gunnar
Wowww… Thank you for the Norton quick response my norton didn’t show up any false positives again

By: Gunnar

Gunnar — Fri, 12 Dec 2008 11:55:41 +0000

Hello,

My name is Gunnar and I am working for an external Symantec-Support-Team. I am sorry to hear that you have experienced some problems caused by the False Positive condition. As Mike mentioned in his post above, the new update has corrected it, but I would still like to present you with the official statement from Symantec:

On December 10, Symantec posted a modification to an IPS signature that caused a False Positive condition with our customers. Customers may have experienced a virus warning or in some cases, partial loading of Web pages. The signature was released to all consumer products. On the enterprise side, only Symantec Client Security was impacted.

The specific signature at fault was the “HTTP Acrobat PDF Suspicious File Download” signature. This signature was triggered by generic JavaScript, which is used on certain Web sites. The signature was released around 1 a.m. PT on Wednesday, December 10. The signature was corrected and made available to Symantec customers at approximately 10 a.m. PT, 9 hours after the initial release.

Because the majority of our consumers receive updates automatically, they will already have been updated with the corrected signature. Any consumer customer that does not automatically download signatures, is unlikely to have experienced the False Positive. If they have, manually running Live Update will resolve the issue.

Symantec would like to apologise to any customers affected by this false positive for any inconvenience it may have caused.

Best Regards,
Gunnar
Norton Forum Assist Team

By: Felix J

Felix J — Thu, 11 Dec 2008 05:23:53 +0000

@CDC : I’m already getting that message for around 20 times already since yesterday. And today, i haven’t check whether norton has already patched this bug or not.

@dave : Yep… when i googled this risk name, one of them said that he was getting the same problem with eBay. So Not just you that had the same error message :).

@Nick_K : but in my case, i didn’t download anything on that website, yet i’m sure that sites are clean and won’t infect our computers. When i made this post yesterday, i’ve to deactivated my norton, so that i could post this problem on my blog.

I hope norton will soon patched this up.

By: Dave

Dave — Wed, 10 Dec 2008 21:14:03 +0000

I had a problem with ebay today. Same error message.

By: Blog do Vitor - Problema: Norton bloqueia acesso a sites informando “HTTP Acrobat PDF Suspicious File Download”

Wed, 10 Dec 2008 18:03:52 +0000

[...] Vários blogs já relataram o problema, confirmado pela equipe de desenvolvimento do Norton. Se você não quiser aguardar a disponibilização da atualização que irá corrigir o problema, é possível desabilitar essa detecção manualmente, o que pode deixar seu computador vulnerável. [...]

By: Nick_K

Nick_K — Wed, 10 Dec 2008 17:19:15 +0000

Hey I just want to start my saying im not great with computers so I might sound a bit stupid but I am also getting this message. I spoke with someone on Norton chat this is what she told me ” We have consulted this with our technicians and found out that this attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening. So we have to remove the infection now”. THis is the stupid part so is this virus on my pc when the message saying its blocked.

By: CDC

CDC — Wed, 10 Dec 2008 17:05:27 +0000

I’ve gotten it at least 3 times this morning as well, all from legitimate sites. Getting ready to run a LiveUpdate and see if that takes care of it.