| View previous topic :: View next topic |
| Author |
Message |
BoneKracker
Veteran
Joined: 14 Mar 2006
Posts: 1488
Location: U.S.A.
|
 Posted: Wed May 16, 2012 4:49 am Post subject: German antivirus company bricks PCs globally, wreaking havoc |
 |
|
| Quote: | German security firm Avira yesterday issued a service pack for its antivirus software that crippled an unknown number of Windows machines, with one customer calling the gaffe "catastrophic" to his company.
Today, Avira updated the software to sidestep the problem.
"Following the release of Service Pack 0 (SP0) for Avira Version 2012, the ProActiv feature blocked legitimate Windows applications on customers' PCs," Avira acknowledged on its support site. "We deeply regret any difficulties this has caused you."
Avira is the world's second-biggest antivirus maker, according to usage statistics.
The service pack included an update to ProActiv, a behavioral-based monitoring system that watches for suspicious events that may hint at a malware attack or point to an infection.
Users quickly reported that the updated ProActiv was blocking almost every legitimate Windows executable file -- those with the ".exe" extension -- meaning that most applications refused to launch. Even worse, ProActiv prevented critical Windows files from running, which in many cases "bricked" PCs, or kept them from even properly booting. |
| Quote: | According to security vendor Opswat, which reports on usage share every quarter (download PDF), Avira products accounted for 11.6% of all operating copies of antivirus software in the first quarter of 2012, putting the firm in second place worldwide behind Avast, and ahead of AVG Technologies and Microsoft.
In North America, where Symantec, Microsoft and AVG were the top three vendors, Avira had just 4.4% of the market. |
http://www.computerworld.com/s/article/9227182/Avira_antivirus_upgrade_wreaks_catastrophic_havoc_on_Windows_PCs
_________________
Oldthinkers unbellyfeel INGSOC.
-- Headline of a document on Winston Smith's terminal in his cubicle at the Ministry of Truth, seen briefly in the background in one scene of the movie rendition of Nineteen Eighty-Four. |
|
| Back to top |
|
 |
aidanjt
Veteran
Joined: 20 Feb 2005
Posts: 1101
Location: Rep. of Ireland
|
| Posted: Wed May 16, 2012 6:09 am Post subject: |
|
|
And will he learn his lesson and stop basing his entire business on the most insecure OS family on the market? Nope.
_________________
| juniper wrote: | | you experience political reality dilation when travelling at american political speeds. it's in einstein's formulas. it's not their fault. |
|
|
| Back to top |
|
|
wswartzendruber
Veteran
Joined: 23 Mar 2004
Posts: 1197
Location: Jefferson, USA
|
| Posted: Wed May 16, 2012 6:30 am Post subject: |
|
|
| Well that's not a very fair statement, now is it? I promise you they could make the same mistake for Mac OS X. |
|
| Back to top |
|
|
notageek
Tux's lil' helper
Joined: 05 Jun 2008
Posts: 78
Location: Bangalore, India
|
| Posted: Wed May 16, 2012 6:31 am Post subject: |
|
|
Or Linux.
_________________
What looks like a cat, flies like a bat, brays like a donkey, and plays like a monkey? |
|
| Back to top |
|
|
ultraincognito
Guru
Joined: 03 Jun 2011
Posts: 346
Location: Ukraine
|
| Posted: Wed May 16, 2012 7:16 am Post subject: |
|
|
| After Avira wants the Win XP SP3 I don't use it anymore on my WinXP SP2. Only COMODO! Only hardcore! |
|
| Back to top |
|
|
aidanjt
Veteran
Joined: 20 Feb 2005
Posts: 1101
Location: Rep. of Ireland
|
| Posted: Wed May 16, 2012 7:30 am Post subject: |
|
|
| notageek wrote: | | Or Linux. |
_________________
| juniper wrote: | | you experience political reality dilation when travelling at american political speeds. it's in einstein's formulas. it's not their fault. |
|
|
| Back to top |
|
|
aidanjt
Veteran
Joined: 20 Feb 2005
Posts: 1101
Location: Rep. of Ireland
|
| Posted: Wed May 16, 2012 7:34 am Post subject: |
|
|
| wswartzendruber wrote: | | Well that's not a very fair statement, now is it? |
It's a very fair statement to make. If he was running a more secure OS, he wouldn't need a virus scanner with that depth of OS penetration to cause that kind of damage, and become an attack vector in itself.
_________________
| juniper wrote: | | you experience political reality dilation when travelling at american political speeds. it's in einstein's formulas. it's not their fault. |
|
|
| Back to top |
|
|
Naib
Advocate
Joined: 21 May 2004
Posts: 3930
Location: UK - Birmingham
|
| Posted: Wed May 16, 2012 8:23 am Post subject: |
|
|
| aidanjt wrote: | | And will he learn his lesson and stop basing his entire business on the most insecure OS family on the market? Nope. |
I thought that was osx?
_________________
A free press is the unsleeping guardian of every other right that free men prize; it is the most dangerous foe of tyranny. Where men have the habit of liberty, the Press will continue to be the vigilant guardian of the rights of the ordinary citizen. |
|
| Back to top |
|
|
aidanjt
Veteran
Joined: 20 Feb 2005
Posts: 1101
Location: Rep. of Ireland
|
| Posted: Wed May 16, 2012 8:25 am Post subject: |
|
|
| Naib wrote: | | I thought that was osx? |
OS X is still a few billion viruses behind. They're a very comfortable second, though.
_________________
| juniper wrote: | | you experience political reality dilation when travelling at american political speeds. it's in einstein's formulas. it's not their fault. |
|
|
| Back to top |
|
|
Apheus
Apprentice
Joined: 12 Jul 2008
Posts: 182
|
| Posted: Wed May 16, 2012 9:09 am Post subject: |
|
|
From a technical view, desktop linux (non hardened) ist not more secure than windows. Mac OSX is behind in that league (Six and two months to patch a critical java hole?). The number of viruses has to do with costs vs. reward for malware authors: Fragmentation of the linux world, usage percentage, and (most importantly): clueless users. The clueless user bought his PC from walmart without even knowing what "Operating System" means. Guess which OS it has?
If more users would buy and use linux desktops, the numbers of malware would rise, at least for the most common distribution(s)
And I think we should not count viruses which would only work on Windows 95 when comparing numbers. |
|
| Back to top |
|
|
juniper
l33t
Joined: 22 Oct 2004
Posts: 756
Location: EU
|
| Posted: Wed May 16, 2012 10:40 am Post subject: |
|
|
| aidanjt wrote: | | wswartzendruber wrote: | | Well that's not a very fair statement, now is it? |
It's a very fair statement to make. If he was running a more secure OS, he wouldn't need a virus scanner with that depth of OS penetration to cause that kind of damage, and become an attack vector in itself. |
true. but it isn't unreasonable to expect your anti virus software won't brick your pc. |
|
| Back to top |
|
|
avx
Advocate
Joined: 21 Jun 2004
Posts: 2063
|
| Posted: Wed May 16, 2012 1:03 pm Post subject: |
|
|
You americans are so naive... while you invest billions and billions into cyberwar and cybersecurity to break into systems, we only spend a rather small amount in software people are installing theirselves - it's rather obvious though, Avira -> A vira -> A virus, ProActiv should be selfexplanatory, ... 
_________________
++++++++++[>+++++++>++++++++++>+++>+<<<<-]>++.>+.+++++++..+++.>++.<<+++++++++++++++.>.+++.------.--------.>+.>. |
|
| Back to top |
|
|
Apheus
Apprentice
Joined: 12 Jul 2008
Posts: 182
|
| Posted: Wed May 16, 2012 1:10 pm Post subject: |
|
|
| avx wrote: | | You americans are so naive... while you invest billions and billions into cyberwar and cybersecurity to break into systems, we only spend a rather small amount in software people are installing theirselves - it's rather obvious though, Avira -> A vira -> A virus, ProActiv should be selfexplanatory, ... |
Wasn't the payload function a little too obvious this time? 
Irony off - I've read this was a service pack update, not just a virus definition update. So the folks at Avira do not even test their software (engine) updates, including a reboot of the test machine. This is really poor, shameful and laughable. |
|
| Back to top |
|
|
pjp
Administrator
Joined: 16 Apr 2002
Posts: 16029
Location: Colorado
|
| Posted: Wed May 16, 2012 1:38 pm Post subject: |
|
|
They're not bricking PCs, they're preventing the spread of viruses. :D
_________________
lolgov. 'cause where we're going, you don't have civil liberties.
In Loving Memory
1787 - 2008 |
|
| Back to top |
|
|
pitcrawler
Apprentice
Joined: 09 Jan 2005
Posts: 150
Location: Oklahoma, USA
|
| Posted: Wed May 16, 2012 2:56 pm Post subject: |
|
|
| It's the first time I've heard of a service pack 0. Maybe people should have taken the zero as a hint. |
|
| Back to top |
|
|
aidanjt
Veteran
Joined: 20 Feb 2005
Posts: 1101
Location: Rep. of Ireland
|
| Posted: Wed May 16, 2012 3:23 pm Post subject: |
|
|
| juniper wrote: | | true. but it isn't unreasonable to expect your anti virus software won't brick your pc. |
No, but it is an inevitability when you use such an insecure OS.
_________________
| juniper wrote: | | you experience political reality dilation when travelling at american political speeds. it's in einstein's formulas. it's not their fault. |
|
|
| Back to top |
|
|
aidanjt
Veteran
Joined: 20 Feb 2005
Posts: 1101
Location: Rep. of Ireland
|
| Posted: Wed May 16, 2012 3:26 pm Post subject: |
|
|
| Apheus wrote: | | From a technical view, desktop linux (non hardened) ist not more secure than windows. |
Yes it is, it's a lot more. Even with all the faildesktop.org hole poking, the biggest attack vector is that a) windows has no package manager, and thus depends on the user not being stupid and download and install whatever they come across on the web and b) windows messy failure to separate users from the system and constant barrage of dialogues trains people to click 'ok' to *everything*, and thus, they do. And that's just for a start.
_________________
| juniper wrote: | | you experience political reality dilation when travelling at american political speeds. it's in einstein's formulas. it's not their fault. |
|
|
| Back to top |
|
|
Apheus
Apprentice
Joined: 12 Jul 2008
Posts: 182
|
| Posted: Wed May 16, 2012 4:29 pm Post subject: |
|
|
| aidanjt wrote: | | Even with all the faildesktop.org hole poking, the biggest attack vector is that a) windows has no package manager, and thus depends on the user not being stupid and download and install whatever they come across on the web |
This is not a technical attack vector, but a user issue. Malware can also creep into linux distributions - there were two hacks of two different IRC daemons and one of an FTP daemon in the last two years: The attacker hacked the website and changed the tarball. Distributions were unaffected because the hacks happened weeks after the respectable versions were published. If the hackers would have been quicker - I wonder if every distribution would have caught this by code review before official packages were distributed. Funny note: The ProFTP guys hosted their FTP server with their own software and forgot to upgrade. That's why the hack was possible.
| Quote: | | and b) windows messy failure to separate users from the system |
I have heard this has gotten better with Windows 7, although I cannot confirm this because I use only WinXP - and (shame on me) as an Administrator. I tried once to setup a "normal" user account, but could not create links to the Control Center or the most important Control Center Pages - with "ask for admin password" or "right click - execute as administrator". There were simply no possibility at all - every URL file I created was treated specially, the context menu had no "execute as admin..." Sometimes I wonder what goes on in the head of Microsoft software designers. So I let it be and changed my user back to the "Administrator" type.
Also, when only one user uses a desktop system (like me), the separation becomes less important: Malware can write in the autostart directories, and execute happily with normal user rights. Although in linux it cannot use rootkit methods to hide itself. I wonder if this would be possible with an unprivileged windows user...
And, I heard that linux' version of ASLR is not really unhackable, because the attacker can read the address layout of the current process from /proc, and calculate the jump adresses he needs. But this may be old news and obsolete with current kernels, I don't know. Also, I think Windows (Vista and later) have ASLR and DEP per default, while desktop linux does not. Maintaining a hardened desktop is nothing I would want to do, and needs exception rules for things like mplayer anyway. |
|
| Back to top |
|
|
BoneKracker
Veteran
Joined: 14 Mar 2006
Posts: 1488
Location: U.S.A.
|
| Posted: Wed May 16, 2012 7:14 pm Post subject: |
|
|
| avx wrote: | | You americans are so naive... while you invest billions and billions into cyberwar and cybersecurity to break into systems, we only spend a rather small amount in software people are installing theirselves - it's rather obvious though, Avira -> A vira -> A virus, ProActiv should be selfexplanatory, ... |
No, I trust Germans, generally. But what about Kaspersky? Who in their right mind would use a an anti-virus program created by Russians? The only thing could be more stupid would be to use one made by the Chinese.
_________________
Oldthinkers unbellyfeel INGSOC.
-- Headline of a document on Winston Smith's terminal in his cubicle at the Ministry of Truth, seen briefly in the background in one scene of the movie rendition of Nineteen Eighty-Four. |
|
| Back to top |
|
|
ultraincognito
Guru
Joined: 03 Jun 2011
Posts: 346
Location: Ukraine
|
| Posted: Wed May 16, 2012 7:23 pm Post subject: |
|
|
| BoneKracker wrote: | | But what about Kaspersky? |
Once I was scared a pig scream when the Kaspersky found a virus.
The Google translate translate "the Kaspersky" to Ukrainian as "antivirus", lol. |
|
| Back to top |
|
|
Dr.Willy
Apprentice
Joined: 15 Jul 2007
Posts: 287
Location: NRW, Germany
|
| Posted: Wed May 16, 2012 7:57 pm Post subject: |
|
|
| BoneKracker wrote: | | No, I trust Germans, generally. |
*villainous laughter* |
|
| Back to top |
|
|
BoneKracker
Veteran
Joined: 14 Mar 2006
Posts: 1488
Location: U.S.A.
|
| Posted: Wed May 16, 2012 8:14 pm Post subject: |
|
|
| ultraincognito wrote: | | BoneKracker wrote: | | But what about Kaspersky? |
Once I was scared a pig scream when the Kaspersky found a virus. |
_________________
Oldthinkers unbellyfeel INGSOC.
-- Headline of a document on Winston Smith's terminal in his cubicle at the Ministry of Truth, seen briefly in the background in one scene of the movie rendition of Nineteen Eighty-Four. |
|
| Back to top |
|
|
energyman76b
Advocate
Joined: 26 Mar 2003
Posts: 2022
Location: Germany
|
| Posted: Wed May 16, 2012 9:17 pm Post subject: |
|
|
| aidanjt wrote: | | wswartzendruber wrote: | | Well that's not a very fair statement, now is it? |
It's a very fair statement to make. If he was running a more secure OS, he wouldn't need a virus scanner with that depth of OS penetration to cause that kind of damage, and become an attack vector in itself. |
well, that rules out macosx.
_________________
| AidanJT wrote: |
Libertardian denial of reality is wholly unimpressive and unconvincing, and simply serves to demonstrate what a bunch of delusional fools they all are.
|
Satan's got perfectly toned abs and rocks a c-cup. |
|
| Back to top |
|
|
wswartzendruber
Veteran
Joined: 23 Mar 2004
Posts: 1197
Location: Jefferson, USA
|
| Posted: Wed May 16, 2012 9:31 pm Post subject: |
|
|
| energyman76b wrote: | | aidanjt wrote: | | wswartzendruber wrote: | | Well that's not a very fair statement, now is it? |
It's a very fair statement to make. If he was running a more secure OS, he wouldn't need a virus scanner with that depth of OS penetration to cause that kind of damage, and become an attack vector in itself. |
well, that rules out macosx. |
Pffft, nobody would attack Mac OS X. The system is literally intelligent. |
|
| Back to top |
|
|
|
Off the Wall
