widevinecdm.dll

my edge://components page looks wonky

Widevine Content Decrypter Module 4.10.2391.0
Status - Updated
Check for update = Status - No update available

Jaylato119:

bjm_, I appreciate your devoting time to this matter. I don't believe anything is inherently wrong. This was an issue in or around May 2020. It eventually was resolved (not sure if by an Edge update or a Norton update). 

Yes, I recall issues with Widevine Content Decrypter Module update.  
https://community.norton.com/en/forums/widevinecdmdll-repeat-notifications
I think Edge is causal. 

edge://flags/#edge-widevine-drm
Disabled doesn't disable faulty update process.  So, Disabled does not help. 

First, I'm not too sure that Norton should be giving this a greenlight as being safe. According to what I found on one website, the widevinecdm.dll can also be malware in disguise. Personally, I don't understand how I even picked it up, when I have the settings on my browser set so tight and I'm even using the Norton security package, along with the additional Anti-tracking from the same company. Of course, if they are going to greenlight something because of legacy or other users, who don't have their settings so high, then that would explain a lot.

It's just like my mother picked up the Anydesk console a few months ago. Here's a hint; it was being used by scammers to have her go withdraw money from the bank and then, when she got back home and turned her computer back on, it had her go back out and get gift cards. Thankfully, the place she went to for the gift cards recognized what was going on and she didn't lose money that time. Unfortunately, just under a month later it happened again with a different support console and she used her credit card to buy the gift cards.

My point is Norton needs to start taking a closer look at these things, which are automatically getting the greenlight of their approval. It would also be nice if the warnings were more apparent. I would also like to have the ability to go in and block some of these things, especially when I do not agree with their decisions. I have looked and there is no way that I can find in the Norton Security, where I can tell it to block widevinecdm.dll.

By the way, due to the tightened security on my system, some websites totally fail to load. It's almost like the websites from 30 years ago or so, where there were no pictures or videos at all; just lines of text and link lines. Stopping some of those scripts dead in their tracks!

NetJockey59:

First, I'm not too sure that Norton should be giving this a greenlight as being safe. According to what I found on one website, the widevinecdm.dll can also be malware in disguise. Personally, I don't understand how I even picked it up...

Hi NetJockey59:

The widevinecdm.dll file is part of the Widevine Content Decryption Module built-in to various browsers.  If you launch MS Edge, for example, and enter edge://components in the address bar it will show that the Widevine Content Decryption Module is one of the built-in components of that browser.

Norton and other antivirus programs don't base the safety of a file on its name, for exactly the reason you described where malware can try to disguise itself by using the name of a known "safe"‪ file. Instead, it checks the SHA-256 hash (unique digital fingerprint) and compares this SHA-256 of the downloaded file with the SHA-256 hash of the "safe" version that is stored in Norton's virus definitions database.  If you click the Copy to Clipboard link in the File Insight report for widevinecdm.dll and paste that information into a text editor like Notepad the SHA-256 hash will be listed there.  Every time Widevine updates their widevinecdm.dll library I assume it's their responsibility to file a report with Norton so the SHA-256 hash of the latest version can be whitelisted (i.e., added to Norton's database of "safe" SHA-256 hashes).

When I upload my current widevinecdm.dll v4.10.2209.0 file included with MS Edge v95.0.1020.53 (located in the hidden folder C:\Users\<myusername>\AppData\Local\Microsoft\Edge\User Data\WidevineCdm\4.10.2209.0\_platform_specific\win_x64\) to VirusTotal.com for analysis the report at https://www.virustotal.com/gui/file/e72339d04f54afe23d3fb2a89e1343ba10a40969e42de70e38d2f22104d7676d shows the unique SHA-256 hash is e72339d04f54afe23d3fb2a89e1343ba10a40969e42de70e38d2f22104d7676d and the detection rate is 0/66.  That means that none of the 66 popular virus scan engines that VirusTotal used to scan widevinecdm.dll (e.g., Avast, BitDefender, McAfee, Symantec, etc.) found this file was malicious/suspicious, so I know that it's safe to use.