[Resolved] CIS 4.0.X. defense + not blocking flash cookies.

My pc configuration:

CPU AMD Phenom II X4 940, 2 gb of ram, windows xp pro sp3 32 bit, malwarebytes
1.45(free version), opera browser 10.51, flash plug-in for opera browser.

CIS 4.0.138377.779 -32 bit settings:

Proactive security, defense + in safe mode, firewall in custom policy mode,
anti virus security level stateful, sandbox disabled, firewall and defense +
set to create rules for the safe applications.

In CIS 3.14.130099.587 defense + alerts me when flash cookies are trying to
modify protected files/folders and i block them but this does not occur in CIS 4.xx
even when i manually set defense + to block flash cookies.

I tried everything i can think of and but can not block flash cookies in CIS 4.xx.
Explanation of why is this happening ether from the developers or anybody who is
well informed will be greatly appreciated.

Try moving the Opera rule above the All Applications rule in Computer Security Policy. Does that change things?

Please create new topic(s) for the other problem(s).

I have edited my first post and added more detailed descriptions.

AFAIK in V4 Safe applications won’t trigger protected File/Folder alerts at all and will add the necessary Allow exception to the policy if “create rules for the safe application” is enabled (this looks an intentional design) :
It should be still possible to manually create a policy with an explicit block rules for the files listed in “My protected files” or use “My blocked files” though

You are absolutely right about what you wrote and i did manage to block flash cookies by
adding them to “my blocked files” list.

Thank you very much Endymion.

Thanks Tarantela, You’re welcome. :slight_smile:

I did more investigating and found out that if i put flash folder in “my protected files” list
that some web sites that have flash video content won’t work because access to that
folder is denied and cookies can’t be created.

Then i though why don’t i try to put folder “C:\Documents and Settings\user name
Application Data\Macromedia\Flash Player” to blocked in “all applications” rule in defense +
setting(defense + → advanced → computer security policy → all applications rule).

The settings are working, cookies are now being blocked properly and certain web pages
that require flash cookies work also(tested this on CIS 4.0.141842.282 full security suite).

In edition i found out that CIS is not blocking cookies if flash installation files are present
in C:\Program Files\Opera\program\plugins\ folder.

If i delete flash installation files from the opera plugins folder opera uses flash plugin
from C:\Windows\System32\Macromed\Flash\ folder and CIS blocks flash cookies.