Page 10 of 10 FirstFirst ... 678910
Results 91 to 95 of 95

Thread: Multiple AV vendor vulns - archived

  1. #91
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation AVG bad update bricks Win7 64-bit

    FYI...

    AVG bad update bricks Win7 64-bit
    - http://isc.sans.edu/diary.html?storyid=10030
    Last Updated: 2010-12-03 04:24:55 UTC - "... reports on AVG updates breaking things on Windows 7 64 bit... The problem lies with the mandatory update. The AVG site has some info on how to deal with the issue here http://forums.avg.com/ww-en/avg-free...=show&id=94159
    * Basically get the machine started somehow (use AVG rescue Disk or any Linux Live CD). In the windows/system32/drivers directory rename everything starting with avg. Reboot and your system will be back (minus the AV). I guess it will then be a matter of waiting for it to be fixed, reinstall or change to something else."
    ___

    AVG fix for computers running on Windows 7 64-bit platform - updated
    - http://product-team.blog.avg.com/201...-platform.html
    12/02/2010 - "... we have identified a potential conflict between one of our recent updates (3292) and a significant number of systems running on the Windows 7 64-bit platform that has caused systems to go into an infinite crash loop... video to help you solve this problem..."

    - http://forums.avg.com/ww-en/avg-free...99#post_132999
    [Read -entire- thread]

    System crash after the recent AVG 2011 update 3292 (BSOD)
    - http://free.avg.com/ww-en/faq?num=4080

    - http://www.avg.com/us-en/faq?num=4079

    Updated AVG 2011 Rescue CD/USB (for 3292 update)
    - http://www.youtube.com/watch?v=Fam3-KSfA3A
    ___

    - http://forums.avg.com/us-en/avg-free...show&id=132917

    - http://www.youtube.com/watch?v=x4hfiY55bkQ

    Last edited by AplusWebMaster; 2010-12-03 at 13:28.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #92
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation ClamAV v0.96.5 released

    FYI...

    ClamAV v0.96.5 released
    - http://secunia.com/advisories/42426
    Last Update: 2010-12-08
    Criticality level: Moderately critical
    Impact: DoS, System access
    Where: From remote
    Solution Status: Vendor Patch
    ... The vulnerabilities are reported in versions prior to 0.96.5.
    Solution: Update to version 0.96.5.

    - http://www.clamav.net/lang/en/download/sources/
    Latest stable release: ClamAV 0.96.5

    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-4260
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-4261

    - http://www.h-online.com/security/new...e-1139430.html
    19 November 2010

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #93
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Avira v10 SP1 updated

    FYI...

    Avira v10 SP1 updated
    - http://techblog.avira.com/2010/12/08...l-problems/en/
    December 8, 2010 - "We just published an update for Avira AntiVir 10 with Service Pack 1 that solves an issue some users were experiencing where their computers stopped to respond after a short time of running. An error message indicates in those cases that the paged pool memory isn’t sufficient. As a workaround it was possible to disable the process protection of Avira AntiVir. The now released update solves that issue. Those who disabled the process protection may enable it again after applying that update, which should happen automatically within the usual update cycle (exception: if the default configuration got changed and product updates explicitly got disabled)..."
    Update 09.12.2010 - "On developer systems, this update may lead to problems when trying to debug software (thus only developers should be affected). We are still investigating the issue. As a workaround in case you experience this problem, disable the registry- and file-protection for the Avira AntiVir files in the configuration: Switch to expert mode in the configuration and scroll down to “general”, “security”. There untick the box next to the entry which protects from file- and registry manipulations. After that, reboot the computer. In some cases it is necessary to rename the Avira file avipbb.sys to avipbb.old (possible in safe mode)."

    - http://secunia.com/advisories/40927/
    Last Update: 2010-12-09
    ... The vulnerability is confirmed in version 10.0.0.565. Other versions may also be affected.
    Solution: Reportedly fixed in avipbb.sys version 10.0.22.20 (available through the product update mechanism).

    Last edited by AplusWebMaster; 2011-01-22 at 22:35.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #94
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation F-secure: false positive...

    FYI...

    F-secure: false positive...
    - http://www.f-secure.com/weblog/archives/00002073.html
    December 10, 2010 07:22 GMT - "Unfortunately we had a nasty false alarm couple of hours ago. The false alarm involved the detection Adware.smartad.d, which was in the database update 2010-12-09_10, released on 9th Dec 2236 UTC. This detection inadvertently triggered on the file google-analytics.com/ga.js. This file is a script associated with Google Analytics, and it's found on a fair number of websites. An exclusion for the file was released in the database update 2010-12-10_01 at 10th Dec 0052 UTC - about 2.5 hours after the bad update went out.
    Apologies for any disruptions caused by this false alarm. We're sorry. To minimize disruptions, please make sure your product has been updated to use the latest database updates."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #95
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation F-Secure remote binary vuln - updates available

    FYI...

    F-Secure remote binary vuln - updates available
    - http://secunia.com/advisories/42566/
    Release Date: 2010-12-15
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch
    Solution: Apply patches. Patches are also distributed via the automatic update channel.
    Original Advisory: F-Secure Security Advisory FSC-2010-4:
    http://www.f-secure.com/en_EMEA/supp...sc-2010-4.html
    Last updated: 2010-12-15
    Risk level: High
    Brief description: Under certain circumstances, an attacker can trick the system into executing a binary file that has been planted on a disk resource that the computer can access... Administrators should download and apply the hotfixes listed...

    - http://www.securitytracker.com/id?1024895
    Dec 15 2010

    Last edited by AplusWebMaster; 2010-12-16 at 16:17.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •