Jump to content

ezebob2

Members
  • Content Count

    17
  • Joined

  • Last visited

About ezebob2

  • Rank
    Candidate
  1. Would it be possible to give us a current list of items that are still not fully compatible in windows 10. The below list is very old, and hopefully some have been fixed. Kaspersky Internet Security limitations under Microsoft Windows 10 The following functionality is partly limited in the application installed on the Microsoft Windows 10 operating system:  Self-Defense. Self-Defense of the application GUI does not work even when it is enabled.  System Watcher.  Protection against cryptors and screen lockers. The application can detect only the most basic varieties of cryptors and screen lockers.  Malware disinfection in the system memory.  Protection against screenshots.  Clipboard data protection.  Protection of the Protected Browser process against external attacks. Limitations on the operation of Application Control under Microsoft Windows 10:  Custom application rules do not work.  Application categorization in the new Windows user interface style is performed incorrectly.  The Application Control component does not support the following operations and functions:  Hooks installation  Taking screenshots  Sending windows messages to other processes  Suspicious operations  Hooking incoming messages of the stream  Direct access to physical memory  Setting debug privileges  Access to password storage  Managing printer driver  Using program interfaces of other processes  Access to internal browser data  Access to critical objects of the operating system  Using program interfaces of the operating system (DNS)  Creating service  Opening service for read  Opening service for write  Modifying service configuration  Managing service  Starting service  Deleting service  Saving registry keys to file  Access to audio stream  Changing system modules (KnownDlls)  The following actions by Application Control are limited:  Starting driver: loading of drivers is not blocked; only a notification about a driver that has been loaded may be shown.  Pausing other processes and threads: only threads with suspend rights are intercepted under Microsoft Windows 10 (x86); opening of the process is additionally controlled under Microsoft Windows (x64).  Code intrusions: only threads with inject rights are intercepted under Microsoft Windows 10 (x86); opening of the process is additionally controlled under Microsoft Windows 10 (x64).  Duplicate internal process handle: copying of handles is controlled for processes and threads only.  Stopping other processes: controlled only at the level of opening of process handles and threads with terminate rights.  Exiting Microsoft Windows 10: only shutdown.exe launch is controlled –other mechanisms of exiting the operating system are not controlled. Kaspersky Internet Security limitations under Microsoft Windows 10 with the Device Guard mode enabled: Enabling of the Network Attack Blocker component in the application interface is not available. Operation of the following functionality is also partly limited:  Rootkit search and disinfection (postponed disinfection of files after computer restart; detection of malware that creates autorun keys in the registry).  Heuristic Analysis (emulation of the startup of suspicious applications).
  2. I find it astonishing that a vulnerability this severe affecting the core of Kaspersky's product(s) has been "fixed" with a simple database update! The manner that this has been handled publicly by Kaspersky does not provide any confidence that this is a permanent fix, but rather a quick and dirty temporary patch while the real problem is worked on. I find it difficult to comprehend how in less than 24 hours a fix has been made in the core of all Kaspersky's products, yet windows 10 incompatibilities (pin to start) have been in the works for what seems like forever. This whole episode feels more like damage control. As a long time (10+ years) satisfied Kaspersky customer my confidence has been severely damaged, possibly irreparably, by this, and other recent events.
  3. It has been revealed publicly by various parties that Kaspersky products are affected. Also a patch was supposedly released to fix it. How to we know if we are vulnerable or if we have the patch?
  4. Went to a site that wants to download a file because it says I'm infected, (don't think so, fools) KIS does not pick it up, Other web av do. Where do I sent the file and website info to get it added to the definitions? Looked in the interface but I must be blind. Is there an easy way do to his?
  5. Thanks for the info however my version still reads 8.0.0.506 not 8.0.0.506a
  6. Just read on another site that update "f" will be version 8.0.0.508 correct? I have checked the version of AVP.exe and it is in fact 8.0.0.508 so that seems correct, however when I hover the mouse over the Kaspersky logo in the notification bar it still reads 8.0.0.506. My question then is have I got the latest build and why is it still showing 8.0.0.506? Thanks all Bob
  7. I must admit I was wrong! Just removed 357 and installed 454 again, updated and banner ad blocker is working fine. Congrats to the devs. Lucian I appologize for doubting you. Bob
  8. I would have o disagree with that assertion Lucian, after my original post I removed 454 and went back to 357 and low and behold the sites where banners were shown in 454 are now blocked in 357. So it must have some other reason other than an update assuming that 357 and 454 use the same updates. I will remove 357 and put 454 back on to test this out if needed. Let me know your thoughts. Bob
  9. I have read the other posts regarding the banner ad blocker and can confirm that it does not work anywhere as well as version 357 despite what has been said. I have followed the suggestions of the other posts, it is enabled, I have used the removal tool and rebooted and reinstalled with no difference. Several sites that I visit regularly now appear with banners where they did not under 357. Also adding these to the blocker in one instance has no effect, and on another site blocks one of two ads but returns the moment you surf to another page. Using wild cards ( * ) in the address as per the example has no effect. Would it be helpful if I PM'd someone with the sites involved, along with a copy of my blacklist? Thanks for any and all help. Bob
  10. So this statement from Secunia Research is wrong 5) Solution The vulnerability is fixed in upcoming version 2.3 build 2912. And this one from Viruslist is also wrong Solution Update to version 2.3 build 2923 Please provide sources for your assertion that the problems have not been fixed. Is there some advisory some place?
  11. Now I'm confused! Here is a copy of the report from Secunia Research http://secunia.com/secunia_research/2008-18/advisory/ Secunia Research: Foxit Reader "util.printf()" Buffer Overflow ====================================================================== Secunia Research 20/05/2008 - Foxit Reader "util.printf()" Buffer Overflow - ====================================================================== Table of Contents Affected Software....................................................1 Severity.............................................................2 Vendor's Description of Software.....................................3 Description of Vulnerability.........................................4 Solution.............................................................5 Time Table...........................................................6 Credits..............................................................7 References...........................................................8 About Secunia........................................................9 Verification........................................................10 ====================================================================== 1) Affected Software * Foxit Reader 2.3 build 2825 NOTE: Other versions may also be affected. ====================================================================== 2) Severity Rating: Highly critical Impact: From remote Where: System access ====================================================================== 3) Vendor's Description of Software "Foxit Reader is a free PDF document viewer and printer, with incredible small size (only 2.55 M download size), breezing-fast launch speed and rich feature set. Foxit Reader supports Windows Me/ 2000/XP/2003/Vista. Its core function is compatible with PDF Standard 1.7.". Product Link: http://www.foxitsoftware.com/pdf/rd_intro.php ====================================================================== 4) Description of Vulnerability Secunia Research has discovered a vulnerability in Foxit Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the "util.printf()" JavaScript function. This can be exploited to cause a stack-based buffer overflow via a specially crafted PDF file. Successful exploitation allows execution of arbitrary code. ====================================================================== 5) Solution The vulnerability is fixed in upcoming version 2.3 build 2912. ====================================================================== 6) Time Table 23/04/2008 - Vendor notified. 08/05/2008 - Vendor notified again. 08/05/2008 - Vendor response. 20/05/2008 - Public disclosure. ====================================================================== 7) Credits Discovered by Dyon Balding, Secunia Research. ====================================================================== 8) References The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2008-1104 for the vulnerability. ====================================================================== 9) About Secunia Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration: http://corporate.secunia.com/ Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security. http://secunia.com/ Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general: http://corporate.secunia.com/secunia_research/33/ Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions: http://secunia.com/secunia_vacancies/ Secunia offers a FREE mailing list called Secunia Security Advisories: http://secunia.com/secunia_security_advisories/ ====================================================================== 10) Verification Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2008-18/ Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/ ====================================================================== Please pay particular attention to the highlighted text. also here is the another page with the solution I followed http://www.viruslist.com/en/advisories/29941 Foxit Reader "util.printf()" Buffer Overflow Secunia ID SA29941 CVE-ID CVE-2008-1104 Release Date 20 May 2008 Last Change 28 May 2008 Criticality Highly Critical Typically used for remotely exploitable vulnerabilities that can lead to system compromise. Successful exploitation does not normally require any interaction but there are no known exploits available at the time of disclosure. Such vulnerabilities can exist in services like FTP, HTTP, and SMTP or in client systems like email programs or browsers. Solution Status Vendor Patch Software Foxit Reader 2.x Where From remote "From remote" describes other vulnerabilities where the attack vector doesn't require access to the system or a local network. This category covers services that are acceptable to expose to the Internet (e.g. HTTP, HTTPS, SMTP). It also covers client applications used on the Internet and certain vulnerabilities where it is reasonable to assume that a security conscious user can be tricked into performing certain actions. Impact System access This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. Description Secunia Research has discovered a vulnerability in Foxit Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the "util.printf()" JavaScript function. This can be exploited to cause a stack-based buffer overflow via a specially crafted PDF file. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2.3 build 2825. Other versions may also be affected. Solution Update to version 2.3 build 2923.Reported by Dyon Balding, Secunia Research. Original Advisory Secunia Research: http://secunia.com/secunia_research/2008-18/ Again pay attention to the highlighted solution, so my question is, who's right or wrong here. You are telling me it's still a problem and they are saying the solution is to update to version I have. Could you provide more info where you found that it is still a problem or is it as I originally thought a KIS 2009 false detection. Thanks Bob
  12. Hi all. Just a small problem. After my install of KIS 2009 I receveived a warning concerning a vulnerability in my version of Foxit Reader. I read the report, consulted the virus list warning, and as per recomendations there upgraded to the new version of Foxit Reader. I now have the recommended version of 2.3.2923 but on full scan I continue to receive the same warning of a vulnerability for the older version. Seems KIS 2009 can't tell the difference. I manually checked the .exe file's version, I checked through foxit as well, both report the newer version. Any suggestions? Do you require additional info? Is this the correct place to request help for this type of problem or should I be sending a report somewhere else? Thanks again for your help. This is the only problem I've had with the new version since install. Keep up the good fight! Bob
  13. Just a follow up. Installed KIS 2009, updates fine, works very well so far. Seems to be faster at scanning compared to KIS 7. Internet web browsing feels snappier. Looks good. Congratulations Kaspersky Team Bob
  14. Thanks again for your prompt reply. Keep up the excellent work.
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.