Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
443 Views 1 Reply Latest reply: Feb 6, 2013 11:03 PM by btlyric RSS
iain.gardiner Apprentice 73 posts since
Sep 16, 2011
Currently Being Moderated

Feb 6, 2013 4:37 AM

Block Corrupt Media Rule

I am increasingly having files or functionality blocked due to this rule.


The latest today is facebook messaging, extract from access denied log

[06/Feb/2013:10:24:09 +0000]" " "403" "BlockReason: Media type blocked" "URL Categories: Social Networking" "Blocking Rule: Block Corrupted MediaTypes" "POST HTTP/1.1" "22" "URL Reputation: Minimal Risk" "Media Type: application/x-www-form-urlencoded"101 "User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)" "


Can someone from McAfee confirm whether there is a known issue that is being worked on for a future release.


I can't keep submitting service requests for each time this happens, especially for functionality from the likes of Facebook and Youtube.


Meantime I think I will have to diable this rule.


Thx in advance.....

  • btlyric Apprentice 184 posts since
    Aug 1, 2012
    Currently Being Moderated
    1. Feb 6, 2013 11:03 PM (in response to iain.gardiner)
    Re: Block Corrupt Media Rule

    I'm not from McAfee, but I can possibly validate your experience.


    I have a rule that triggers an alert on Corrupted Media Type, but doesn't block the traffic. To date, most of the alerts that I've seen are for PDF files. For example, in my environment, out of 1013 Body Corrupted identifications, 943 are related to PDF files.


    Out of the 70 that weren't triggered by PDF files, 32 were triggered by URLs and the rest were various other domains.


    Did see a post from 2011 that stated that the PDF opener didn't like some specific feature/option and would trigger a Body Corrupted condition.

More Like This

  • Retrieving data ...

Bookmarked By (0)


  • Correct Answers - 5 points
  • Helpful Answers - 3 points