Wyze Mesh Router Pro - Network Threat Detected Prevented - ctldl.windowsupdate.com

Good evening everyone. I had a corrupt Windows update (or I thought I did) install on my home PC. I went the route to wipe and reinstall Windows to help fix. I get the OS installed and get to a Desktop. I usually start with Windows Updates to grab all the base drivers and install OS updates. I began to have issues connecting to the Windows Update Services. Went down several paths of changing DNS, starting/restarting services, restarting Windows Store and still had issues.

I redownloaded the ISO (I have an MSDN) and a fresh install of Rufus to create the bootable disk. Wiped OS and reinstalled and still having issues. Scratching my head I booted up an older Windows Laptop and got online. I went to try updating Windows and it’s getting the same error on a Win11 Device about not connecting to the update service.

This led me to look into my Network. And there it is. 20+ Network Threat Prevented, “DNS communication from device Office Router to malicious domain ctldl.windowsupdate.com detected and successfully blocked”.

This is a legitimate site for a Windows machine to call out to receive updates. Which makes more sense why my PC that was updating was stuck and it wasn’t a corrupt update. I am discovering this off of support hours but wanted to know if anyone has had this issue, found a way to Whitelist a legitimate site, and continue on updating.

3 Likes

I just checked, I had this same thing. Apparently it also blocked discordapp.com

Will you submit a log and post the log number?
Note: Submitting a log is not opening a support ticket, but I’d like to pass this information on to a dev so they’re aware. We can’t necessarily expect a response to it through this type of channel though. So, if a response is desired, then you’d still have to open a support ticket.

My log = 1155825


Edit: looks like they’re aware and working on resolving it.

2 Likes

Log = 1155996

Glad I am not the only one seeing it.

2 Likes

Could you try rebooting your routers now? I believe this was fixed by Wyze’s security partner.

2 Likes

I rebooted and it’s allowing traffic through that site again. Thank you!

2 Likes

What is the proper way to report these kinds of false positives? Or request a review?

I would say send an email to security@wyze.com.

Unless someone else corrects me, that seems like the best way to get this reported up the chain.

That email address doesn’t seem to go anywhere. Every time I sent an email to it I never got a response. The only way I ever hear back from anyone is if I submit a ticket via the live chat support on the Wyze website (type “connect me to an agent” and select “other issue”).

I have a ticket open with Wyze to unblock all TikTok CDNs and SteamGridDB.com

Steamgriddb.com doesn’t even load.

Maltiverse randomly blocks SOME, not all, TikTok addresses. This causes random issues like sometimes videos don’t load and/or livestreams won’t load and/or images used in TikTok Shop don’t load and/or VERY slow loading livestreams…

How long ago did you email them?

Jan 6th of 2024 with a false positive for SteamGridDB.com
The TikTok issue wasn’t noticed until this week when I started using the app (and web version).

Have you tried sending a follow-up?

yes

I would try one more time and if they still don’t respond I can see if I can find out why

1 Like