With the latest update to Windows 11, SonicWall’s web filter tool no longer works on the operating system, the company confirmed earlier this week.
As per a BleepingComputer report, the Windows 11 22H2 update broke SonicWall’s Capture Client solution, rendering web content filtering (WCF) on the operating system useless.
The company is currently working on a fix, but those that cannot wait are advised not to install the latest update for Windows (or roll back to the previous version, if possible).
Messing up CryptoAPI
“We have identified an inconsistency in Capture Client Windows 3.7.6 and older clients on endpoints (opens in new tab) running Windows 11 version 22H2,” read the company’s security advisory published yesterday. “This results in Web Content Filtering (WCF) policies that enforce blocked categories to be no longer effective on impacted endpoints. The ability to allow or block domains/URLs using custom lists continues to function normally.”
Explaining what had happened, the company said encrypted and decrypted requests and responses that go back and forth between Windows devices and SonicWall’s Content Filtering Service go through Microsoft’s CryptoAPI. Now, since the tech giant tweaked the APIs, Capture Client can’t decrypt responses.
“In Windows 11 version 22H2, Microsoft CryptoAPIs have been modified, making Capture Client unable to decrypt responses from the SonicWall Content Filtering Service,” the company explained.
A fix is in the works, and should be released on February 17, 2023. This will bring Capture Client up to version 3.7.7, so keep an eye out for the update.
Until that happens, don’t install any Windows upgrades, SonicWall says: “As a temporary workaround, we recommend endpoints running Windows 11 not be upgraded to version 22H2 until Capture Client 3.7.7 for Windows is available.”
Without web content filtering, users could end up on websites with illegal or malicious content, and can lead to malware ending up on your system. They can also help to protect businesses and families alike from inappropriate viewing.
Via: BleepingComputer (opens in new tab)