KB Article | Forcepoint Support

Problem Description

After an upgrade on Windows 10 1903 build update, browsing via Internet Explorer or Edge has stopped working.

Once the system is updated, the browser fails to parse the PAC file on HTTPS and returns no Proxy. Upon checking the Blackspider Query page, the tool says Forcepoint is not in use:
 
User-added image

Essentially the browser does not acknowledge that there is a proxy in use or even possibly a PAC file, the PAC file is ignored.

Resolution

This issue is related to a Microsoft update to Windows 10. Microsoft has introduced a possible bug by introducing a new flag for revocation check on PAC files over TLS.

Microsoft is aware of the issue. See IE and Edge ignore PAC (proxy auto config) file (comment from July 1, 2019).
Forcepoint recommends to contact the Microsoft team, referencing the above link, and ask to monitor/track the issue.

At present there are no known workarounds for HTTPS PAC files. 

For other workarounds:
  • Forcepoint does not recommend reverting or uninstalling Microsoft updates. 
  • Change back to using the HTTP PAC file.
    1. Login to Cloud portal.
    2. Navigate to Web > Policy.
    3. Click on the policy you wish to disable HTTPS PAC files.
      • This feature is policy specific and can be enabled or disabled for each policy.
    4. Navigate to Endpoint > Endpoint PAC Control.
    5. Uncheck Retrieve PAC file over HTTPS.
    6. Repeat these steps for each policy to ensure HTTPS PAC files have been disabled.
The issue appears related to the following KBs published by Microsoft:
 
Windows 10 version 1903
Version: OS Build 18362.295 (KB4512508)
Release Date: August 13, 2019
August 13, 2019—KB4512508 (OS Build 18362.295)
 
Windows 10 version 1803
Version: OS Build 17134.950 (KB4512501)
Release Date: August 13, 2019
August 13, 2019—KB4512501 (OS Build 17134.950)

 

Article Feedback



Thank you for the feedback and comments.