Windows 10: Research shows antivirus products vulnerable to attack

Read more: Research shows antivirus products vulnerable to attack | ZDNet

:)

 

Windows Phone vulnerable to FREAK ATTACK!

I am puzzled.

When I visit
security bulletin does not mention anything about it! What is worse, there is no hope for any update coming.

Did I miss something? Or are the Windows Phones not meant to be secure?

Can somebody explain please?

With thanks in advance for any clues.

Martin

 

Can't upgrade your version (0x80042302)

Hi Dieter,

It is possible that your antivirus software prevents the upgrade process. Some users report that uninstalling or disabling their antivirus software resolves the upgrade issue. Then, proceed with the steps below:

• 
  Type activation in the search box and select the best match.
  
• 
  Click Change product key.
  
• 
  Enter your product key for Windows Education.
  
• 
  Follow the on-screen instructions.
  

Note: If you have to temporarily disable your antivirus software, you should re-enable it as soon as you're done. If you're connected to the Internet or a network while your antivirus software is disabled, your computer is vulnerable to
attacks.

Let us know how it turns out.

 

Corporate greed getting in the way of personal as well as corporate system security? Fortunately what I use here hasn't been tossed on the list so far. But it does show that these programs are not always so 100% as the claims are.

 

Well I use ESET, I find it mostly effective but there are going to be a few things that get through. What you have to start setting up are protections for patterns of behavior and there are ways to block the behavior with the app specifically in the web blocking section. You can block IP address ranges, I start with that then I set up a rule for certain processes to not allow connection to an external network. The thing about this Komodo attack, isn't that some kind of team viewer style remote connection? So it looks like somebody is piggybacking onto what a Computer, a home computer might define as a safe process and allow.

On the other hand I have found programs like Avira, Kaspersky, and especially Norton and Mcafee to be wholly ineffective for the size of the programs and the amount of services they hijack from windows, like the firewall service for instance, which is better as it is out of the box from Microsoft than it is after both Norton and McAfee have shredded it

 

I had looked at ESET as well as Trend Micro while looking for the eventual replacement of the AVG free edition and not finding that to be what was actually needed along with trying out Comodo and a few others. Common sense is going to be found as the Number #1 success story out of all of them!

None of these programs no matter how much you pay for them or how well they are rated will ever be 100% since new bugs are always just around the corner. So you have to look at how much bugs are spread or find their way onto your system. Emails from strange senders and the web in general as well as files being transferred and not scanned properly by flash drives and other removable media!

Common sense dictates find a program or separate effective firewall utility as well as something that screens for bad sites! When you have a malicious code detection process in place you are alerted to potential risks while browsing the web. This is why you are now seeing "Internet Security" in the better featured versions of various av softwares since the more you pay the more protections are supposedly added into the program. Obviously some don't live upto their claims! *Rolleyes

With VIPRE Internet Security originally Sunbelt noted for their firewall apps was bought out by GFI and now linked with the ThreatTrack Security site seen at: ThreatTrack Security - Malware Research Labs still using the original Sunbelt site you have a continually updated data base for malwares and known to be hostile sites where the av software will automatically refresh itself with. I'm sure Symantec(Norton Internet Security suite) as well as others have similar data bases as well they maintain for their commercials customers. That's where the big money is generally found!

 

That issue with Comodo was resolved.
Reporting issues like this article does only results in paranoid people afraid to use the security software they love. No matter where the security suite came from.
The report should have finished with stating the fix has been released with these vendors.
url below:
"This Makes No Technical Sense"

 

Why doesn't that surprise me any? Typically blog writers rush to fill blog pages at the slightest incling at something without digging further for all of the facts! A journalist on the other hand is a more thoroughly researched type of writer who takes a much deeper look at things and does his or her homework! And then you have "Garbage" reviews often tainted by some corporate suggestions? The "Make Us Look Good or Else!" takes the forefront there.

 

Additional proof from Google the issues are resolved:

https://code.google.com/p/google-sec...ues/list?can=1
Search for vendors, software or vulnerabilities (overflow, sandbox escape etc).

Project Zero:
Project Zero: Announcing Project Zero

 

the fact there is nothing bullet-proof/fail-proof in computer security, is not false/wrong

but again we cant be to paranoid either, or else just unplug ur ethernet and be offline
and in real-scenario, rather than vulnerabilites in software, usually its user fault when it got infected with malware and suchs

say even if software(either OS, AV or otherelse) have security-hole, it wont make things bad except you been targeted for exploit attack, and i dont think that what personal user have to worry about, even for company
except ur company big enough like SONY or APPLE etc.

 

Well for the personal user not to have any worries is a bit understated when you consider the types of cyber crimes being seen have been on the increase which also identity theft along with credit information! You won't want someone using your identity to perpetrate some crime and you end up being the one who lands in prison!

The typical malwares and viruses however are more or less aimed at causing havoc by disrupting a system's ability to function normally if not some ad bot or spybot, keylogger, etc. Many can even go unnoticed until you decide to try out a better program that is able to perform deeper scans and uncovers a bug you didn't know was there.

With the av software here I have actually shut it down and then ran the installer on a download after releasing it from quarantine to find a Yahoo or Google toolbar option prechecked to install along with the freeware. If you decided on a paid program that is one thing you would expect it to be able to do!

 

Any security software is a risk, because it does not run with admin rights, but with system rights.
In other words, the more security software you have, the more exploitable your system gets.
Vulnerabilities of security software are being sold on the black market for this very reason.
Then again, chances of being targeted like that are slim, unless you are worth hacking.

 

I've seen occasions were scam wares simply go right past firewalls and other protections with ease regardless of the softwares you use! All it takes is a little user interaction with something and SURPRISE! Cleaned off a few of those when kids borrowed a parent's laptop and all heck broke loose. I got asked more then once to take care of things! *Rolleyes

As for added layers of security it depends on what you use. If you add a web security toolbar onto your browser rather then seeing an av software with web screening filters you have a vulnerability there! The toolbars are often doorways for tracking your browsing habits! The one additional feature I do say is useful however is one that puts a guard up around VMs! If you run other OSs with web access it's a smart move to see if the av program you used offers that type of additional protection often a separate download.

 

Hi there

For NON corporate -- I.e HOME use there's absolutely NO NEED for ANY 3rd party AV stuff when using W10 --built in Windows defender works fine.

In any case you are much more likely to get problems from your own use of the computer -- replying to email links from unknown senders, logging in to fake "look alike" websites and giving out too much data on social media.

Even Torrents these days are quite careful on who is uploading so chances of "Nasties" are much smaller these days if you have to use those sites. -- the surviving torrent sites are all much more picky now.

Most PUPS look quite legitimate programs too so typical AV software doesn't have much of a chance of picking a load of these up. Ms updates Windows defender almost daily so your definitions will be seriously much more up to date than any 3rd party stuff who have to test to see if it works with W10 anyway.

You have to think totally differently compared to previous Windows release -- even W7 is a leaky sieve compared with W10 as far as security is concerned,

By all means load this stuff but it really won't do any good compared with the standard Windows defender and will probably just slow your machine down too.

Any POST analysis stuff like comparatives of AV software done in PREVIOUS months is also a 100% waste of time as a new threat could possibly appear at any instant - rendering the past data results totally meaningless.

A resource often overlooked by almost everybody on these Forums is your OWN routers firewall. This will stop undesired outside connections at a stroke too --totally seamlessly. Used in conjunction with Windows own Firewall and Windows defender you should have a reasonably safe system -- and if you've a load of kids one of the best ways also of protecting them and you is to set up a proxy server --easily done.

Cheers
jimbo

 

Windows Defender is a good security program. Windows Defender and all security programs are not 100% effective. The all have their strengths and weaknesses. One should use whatever security program they feel safe using and keep them updated. A good security program and some common sense and most computer user will be reasonable safe. As for setting up a proxy server. Most mom and pops don't even know what it is let along how to set it up.