ERR_TOO_MANY_REDIRECTS on some websites with KES 12.11.0

[Gone Phishing]

Hi all,

Following KES 12.11.0 deployment, our users are getting an ERR_TOO_MANY_REDIRECTS errors when trying to access specific web sites. I have confirmed that it is browser independent and definitely related to the Web Threat Protection component. Adding site exceptions and/or changing other various parameters in the Web Threat Protection settings don not make a difference - the only thing that works is disabling Web Threat Protection completely.

Has anyone else experienced this and do you have any insights / suggested fixes?

Thanks,
Doug

[Tahmeed702]

16 hours ago, Gone Phishing said:

Hi all,

Following KES 12.11.0 deployment, our users are getting an ERR_TOO_MANY_REDIRECTS errors when trying to access specific web sites. I have confirmed that it is browser independent and definitely related to the Web Threat Protection component. Adding site exceptions and/or changing other various parameters in the Web Threat Protection settings don not make a difference - the only thing that works is disabling Web Threat Protection completely.

Has anyone else experienced this and do you have any insights / suggested fixes?

Thanks,
Doug

Can you please share some screenshot of the errors or warning. 

[Gone Phishing]

The issue is intermittent (as in it happens maybe 50% of the time) and occurs when we attempt to access any of the four URLs below:

https://workforcenow.adp.com
https://login.payworks.ca/login
https://collaboration.geowarehouse.ca/ui/login-with-okta
https://secure.paymentech.com/portal/por_new.aspx

It happens in three different browsers (Firefox, Edge and Chrome), all with cookies and history freshly cleared. Attached are a couple of screenshots from different browsers on different sites when the error does come up. It only happens with KES 12.11 (12.11.0.637) - KES 12.10 (12.10.0.466) works fine (I manually uninstalled KES 12.11 on a few PCs and they again work just fine again with KES 12.10). It happens on three different versions of Windows (Win 11 Pro 25H2, Win 11 Pro 23H2, Win 10 Pro 22H2), all fully patched.

I am unfortunately unable to downgrade the KES client through the administration server, and manually uninstalling KES 12.11 on 100+ systems is not exactly an option.

Thanks & best regards,

Doug

 

[David-W]

I am also getting this error in australia

with Commbank.com.au

exiting & stopping kaspersky completely allows this webpage to display normally

 

Please note... im not using any VPN's whatsoever

 

im using v21.23.6.614 of Kaspersky Plus

 

 

 

 

[Gone Phishing]

Yes, when I completely exit / terminate the KES 12.11 client the sites also load correctly. If I just disable all protection but the KES client is still running on the system, I still can't access them. No VPNs here either.

At least one of the sites that we're having issues with - and I see that the one you're having trouble accessing is also finance-related as are three of the four that we noticed it with - redirects specific information to Okta for the user authentication. I am not sure about the other ones.

I don't know if the above is in any way relevant to Kaspersky support, but I thought I'd post it here for their information.

[David-W]

im feeling at least relived its not just me!!

ive logged a ticket with Kaspersky...... in the hope they can resolve this ....

seems like Kaspersky is abit aggressive with legit sites!

Edited 17 hours ago by David-W

[David-W]

so the issue seems to be "Safe Browsing" - I switched it off... rebooted and it now works!

so it seems the "Safe Browsing" is being over protective

I also switched "Safe Browsing" on and then I drilled down further and switched off the "URL Advisor" - seemed to still work ok

 

are you able to replicate @Gone Phishing

Edited 6 hours ago by David-W

[David-W]

31 minutes ago, David-W said:

so the issue seems to be "Safe Browsing" - I switched it off... rebooted and it now works!

so it seems the "Safe Browsing" is being over protective

I also switched "Safe Browsing" on and then I drilled down further and switched off the "URL Advisor" - seemed to still work ok

 

are you able to replicate @Gone Phishing

further investigation - I think its the "Safe Browsing" causing the issues.... switch it off... seems to stop the err_too_many_redirects

[Gone Phishing]

There is no Safe Browsing option in the managed Kaspersky Endpoint Security client, but there is a Web Protection component, and yes, turning that off in the policy for all the computers in the container on the admin server and restarting them does allow access as I mentioned in my original post. However, that would be a case of the cure being (considerably) worse than the disease... Web Protection is essential as there's hardly a day when some employee does not come across an infected web site that could easily result in a company-wide breach and/or take down the entire network. It's not really an option to turn off Web Protection any more than it is to turn off Kaspersky entirely.