I’m pleased to announce that there is an update available (v22.214.171.124) for the Smokey’s Choice Awarded top-notch security software Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Norton Antivirus and Norton Security Suite. As with all previous Norton Security software updates, this version is being released in a phased manner. The update is available in all supported languages. To download it, run LiveUpdate.
Changes in this release
* Fixes an issue where ‘iTunes Hangs when trying to Eject’
* Fixes an issue where ‘Display driver issues leading to ‘product not starting’
* Fixes an issue where ‘Nothing happens when I click on Scan’
* Several fixes for desktop flickering issues’ and other problems with Win10 upgrades.
* Clean up left over items during a Windows 10 upgrade to prevent Live Update errors
* Fix for a crash in Hebrew specific layouts.
* Fixes the alignment issue on clicking help in main UI
* Fixes an issue where ‘Auto-Protect is Greyed out’
– and other fixes…
It’s easy to verify you have the update, just launch the Main User Interface, click on Help, and select About.
This update v126.96.36.199 is currently officially available via LiveUpdate only, however there is also the possibility for a direct download from the Symantec/Norton servers. You can install the downloaded update/patch over the top of your existent Norton product. This time too the update will be no problem at all, all previous Norton Security settings will remain unaltered after the update. The update will be accomplished within a few minutes, reboot is not not be required. Important: run LiveUpdate after updating to the new version!
Direct downloadlinks full version / update / trial / Norton Security v188.8.131.52 (patch 22.5.4)
– Norton Security 184.108.40.206 ENGLISH Language: http://buy-download.norton.com/downloads/2015/22.5.4/NS/US/NS-ESD-220.127.116.11-EN.exe
– Norton Security with included Backup 18.104.22.168 ENGLISH Language: http://buy-download.norton.com/downloads/2015/22.5.4/NSBU/US/NSBU-ESD-22.214.171.124-EN.exe
– Norton Security and Norton Security with included Backup 126.96.36.199 in all other supported languages: change language by changing to e.g. Norton Security 22.5.4 DUTCH: http://buy-download.norton.com/downloads/2015/22.5.4/NS/NL/NS-ESD-188.8.131.52-NL.exe
ExynosAbuse Exploit: obtaining root on Exynos4 based Samsung Android devices without ODIN flashing, malicious apps will be able to gain total control over the device by gaining root without asking and without any permissions on a vulnerable device.
Source: XDA Developers (alephzain, Chainfire)
Samsung solution status: unfixed
– Samsung Galaxy S2 GT-I9100
– Samsung Galaxy S3 GT-I9300
– Samsung Galaxy S3 LTE GT-I9305
– Samsung Galaxy Note GT-N7000
– Samsung Galaxy Note 2 GT-N7100
– Samsung Galaxy Note 2 LTE GT-N7105
– AT&T Galaxy Note 2 SGH-I317
– Verizon Galaxy Note 2 SCH-I605
– Samsung Galaxy Tab Plus GT-P6210
– Samsung Galaxy Note 10.1 GT-N8000, GT-N8010, GT-N8013, GT-N8020
Note: Google Nexus 10 not vulnerable, Exynos5.
Temporary patch (provided by Chainfire): http://forum.xda-developers.com/showthread.php?t=2050297
Note: Chainfire requested not to redistribute the patch, instead please link to http://forum.xda-developers.com/showthread.php?t=2050297
Update Dec 20 2012
Official Samsung Statement Exynos kernel vulnerability issue (in full)
“Samsung is aware of the potential security issue related to the Exynos processor and plans to provide a software update to address it as quickly as possible.
The issue may arise only when a malicious application is operated on the affected devices; however, this does not affect most devices operating credible and authenticated applications.
Samsung will continue to closely monitor the situation until the software fix has been made available to all affected mobile devices”
I will only mention Chainfire’s fix. It’s the only one that is secure. Both Supercurio’s and RyanZA’s method leave you with easily exploitable holes any serious malware author will abuse.
About Chainfire’s fix
Chainfire: “This is an APK that uses the ExynosAbuse exploit (by alephzain) to be able to do various things on your Exynos4 based device.
Features for non-rooters:
– Securely patch the exploit
Features for rooters:
– Root the device (SuperSU v0.99)
– Enable/disable the exploit at will
– Enable/disable patching the exploit at boot
– Unroot and cleanup (optionally leaving the exploit patch at boot in place)
Please note that patching the exploit may break camera functionality, depending on device and firmware. Also note that if use the patch method without rooting, or keep patching the exploit at boot enabled when unrooting, you need an alternate method to re-root the device to disable this feature (like CF-Auto-Root) – you cannot use ExynosAbuse to do this since it patched the exploit. Unlike other patch authors, I do not believe in keeping an invisible rooted process running in the background while pretending you aren’t rooted, to be able to unpatch this way.
While the exploit patches work (aside from possibly disabling your camera), these are more work-around than actual fixes. A proper patch would be a kernel fix, either from a third party or Samsung themselves”
Download the fix here: http://forum.xda-developers.com/showthread.php?t=2050297
Note: please do not redistribute the fix!
As you probably will remember, December 2011 I posted a review concerning avast! Mobile Security (AMS) for Android phones, my verdict was (and still is): an excellent Security Suite, also very reliable and provided with a top-notch Anti-Theft module. For reason of the outstanding good test results AMS gained the Smokey’s 2011/2012 Choice Award, this Award will only be granted to the best among the best.
This week avast! company informed me that a new major version of the suite was released, v2, and this new version is in beta stage. They told me also that current stable v1 of the suite wasn’t updated since April 2012 for reason of development v2.
Like I told v2 is still beta but the new features sound very promising and will make the product even better, in this way protecting the user in a more solid way and providing him with additional useful features, time to provide you with a fast survey of v2 beta.
According to avast! company new features are:
* avast! Anti-Theft web portal integrated into the avast! Account
* Network Meter
* avast! widget
* Optimized UI for tablets
* Real-time protection (on-exec scanning) of apps
* Custom rules and log in the firewall
* The shield control UI to fine-tune on-access security setup
* avast! SiteCorrect for the Web Shield
* Scanning of incoming messages
* SMS/Call filter wildcards
* Greyscale notification icon
Adding all these new features to avast!’s already superb security suite will make it (again) the best security suite for android phones there is, and will put it again on top of all available suites. V2 beta avast! Mobile Security and avast! Anti-Theft are downloadable on avast! Forum, keep in mind that (like with all beta’s) use will be on your own risk. If you have the intention to download and install the beta please read the beta support thread before installing, in this way knowing what problems you can expect and current development stage of the beta.
To me it’s not clear v2 final will remain free, at the moment pricing info isn’t available.
System Requirements v2 beta avast! Mobile Security
Operating Systems Supported:
– Android 2.1.x
– Android 2.2.x
– Android 2.3.x
– Android 3.x
– Android 4.0.x
– Experimental support for Android 4.1.x
– Review v1 avast! Mobile Security for Android phones: https://smokeys.wordpress.com/2011/12/24/review-avast-mobile-security-for-android-phones/
– About the Smokey’s Choice Awards: https://smokeys.wordpress.com/2011/12/30/about-the-smokeys-choice-awards/
– Downloadlinks v2 beta avast! Mobile Security and avast! Anti-Theft / v2 beta Support Forum: http://forum.avast.com/index.php?topic=101642
Isn’t it amazing how at once there is a superb anti-virus, smashing all competitors, established vendors included? The Anti-Virus Holy Grail so to speak, doing a fantastic job of keeping customers PC’s free of malware, this in contradiction of these competitors? At the same time an AV with great support, prepared to listen to customers and helping them in an adequate way, and also being realistic when it regards shortcomings (however see this as a joke… an AV Holy Grail that doesn’t have any shortcomings).
Don’t look any further, don’t try any other anti-virus…. but be smart and buy NOW the 2012 Super AV: Webroot SecureAnywhere.
Competitors are selling crap,anyway, this is Webroot’s opinion, so don’t hesitate and only be satisfied with the Best of the Best: WSA (Webroot SecureAnywhere).
Of course it is true what they say about other AV vendors, please don’t call this bashing, it’s just business, okay?! Yells like “Takes up 96% less space than Kaspersky”, “Uses 97% less memory than McAfee”, “Scans more than 3x faster than Kaspersky”, “Takes up 99% less space than McAfee”, “Uses 92% less memory than Norton”, “Installs 131x faster than McAfee”, “Scans nearly 4 times faster than Norton”. The Webroot website is overwhelmed with such yells, there is hardly room left to tell the customer some (true) facts about WSA. Personally I really like this Webroot yell: “Webroot vs.Symantec is like David vs. Goliath. Only this David has a much faster, lighter, easier-to-manage slingshot”. This all is dramatic pure for sure, a climax that can’t be beaten by anyone.
I can hardly imagine that there are people believing the Webroot PR yells, after all yelling is Webroot’s trademark. OTOH they are true masters of it…. hence making it very convincing.
It starts at the very bottom with a Webroot Support Forum Helper, a PR expert on his own and also a master in repeating what Webroot employees are saying, then continues with Webroot Support/Quality Assurance Staff yelling to customers they must believe whatever the helper say, (after all, customers are stupid and clearly show their stupidity!!), subsequently we then have Webroot Support Team Staff yelling what a great product WSA is…. and finally we have the Webroot website and Support Forums, the absolute Masters of the Yell.
I admit that WSA is really small in size and fast just like WSA yells at us, however there is also a downside: it does not have the (high) detection rates that several other AV’s have. This is not just a yell from me, AV Testing Organization AV-Comparatives proved it very well: in their Protection-Test March-June 2012 AV Webroot SecureAnywhere 2012 gained the lowest protection rate of just a very disappointing 90,9%. In the test participated by 21 AV vendors/products WSA reached rank 21.
AV-Test.org, also an AV Testing Organisation, have tested WSA too. Talking again about detection rates, products like e.g. AVG’s Anti-Virus Free Edition 2012, AVG’s Internet Security 2012, BitDefenders Internet Security 2012, BullGuard’s Internet Security 12.0, F-Secure’s Internet Security 2012, G Data’s Internet Security 2012 and Kaspersky’s Internet Security 2012 were scoring better than WSA.
There is also issues false positives:
WSA gained the worst score according to AV-Comparatives False-Alarm-Test March 2012. We all know that false positives can really hurt your PC so FP’s can be dangerous just like malware is. When I have to choose between speed/used space and malware detection rates/amount FP’s ….I will choose the latter for sure.
Like I admitted before, WSA is really fast….. but regrettably not when regarding a full scan on demand, for example. Despite following Webroot’s promise: “After initial scan, full system scans typically take two minutes or less”. What Webroot don’t tell us is that a full scan will factually take hours. Furthermore, in my opinion they shouldn’t offer a ‘Full scan’ possibility at all to the customer if they are opinion it’s an unnecessary tool. After all their official POV is:
An actual full scan of the computer will both take hours in most cases and is also completely unnecessary for protecting the computer with WSA.
I clearly see here snake oil tactic of Webroot, with the aim to retain the claim of whopping fast scanning and at the same time putting other anti-virus vendors in a bad spotlight.
Webroot Inc. is also a damned well organised merchandising machine…. That they are heavily promoting their products on the Webroot (Prevx) support forums is fine, nothing wrong with that. The trick is to do the same on other forums without being provided with the spam label.
So how does the trick work? Almost every forum thread where a malware issue is discussed or advice is asked for on what AV to use…. will be provided with an urgent encouragement to use WSA. Surprisingly it’s almost always a Webroot Support Forum Helper encouraging the thread reader to do so. Final touch is then given by Webroot Support Team, praising the Webroot Support Forum Helper for his great advice and again encouraging the reader to use WSA. Finally the thread will end with a survey of where to obtain WSA good deals, the survey will be mostly offered by an anonymous user. I call this ordinary spam.
Common exception: if the thread is going ‘wrong direction’, Webroot Support Team is clever and don’t show up at all, instead the WSA Support Forum Helper will starting a tirade to the messenger of the ‘bad news’ and maintain the tactic to shoot the messenger by calling him e.g. a troll. This kind of ‘support’ can hardly be called decent and customer-orientated.
I don’t say Webroot SecureAnyWhere is a bad product, but it need much improvement.
I don’t say PR is condemnable, I just don’t like Webroot’s business practices.
I don’t like the way they provide support.
I don’t like the way the customer is treated.
I don’t like it when a product with very bad detection rates and lots of false positives is praised into AV heaven, please keep in mind there are better AV’s.
Last but not least, I don’t like spam.
(CNN – May 2, 2011) — Osama bin Laden, the mastermind of the worst terrorist attacks on American soil, is dead, officials said — almost 10 years after the attacks that killed about 3,000 people.
The founder and leader of al Qaeda was killed by U.S. forces Monday in a mansion in Abbottabad, north of the Pakistani capital of Islamabad, along with other family members, a senior U.S. official told CNN.
In an address to the nation Sunday night, U.S. President Barack Obama called bin Laden’s death “the most significant achievement to date in our nation’s effort to defeat al Qaeda.”
“Today, at my direction, the United States launched a targeted operation against that compound in Abbottabad, Pakistan,” Obama said. “A small team of Americans carried out the operation with extraordinary courage and capability. No Americans were harmed. They took care to avoid civilian casualties. After a firefight, they killed Osama bin Laden and took custody of his body.”
To satisfy the curiosity of many people, here the location of Osama bin Laden’s compound on Google Maps. The compound is located at 34°10′9″N 73°14′33″E, 2.5 miles (4 km) northeast of the center of Abbottabad and three-quarters of a mile (1.3 km) southwest of the Pakistan Military Academy (PMA).
Expect a flurry of e-mails, and likely black hat search engine operations trying to take advantage of the event to distribute malware. Be aware for the dangers of emails proclaiming to have information and searching for websites about his death. If you look-out for news about the death of Bin Laden and related issues, please only visit trusted news sites, also don’t click blindly on images related to the news.
Update May 2: there are reports the Bin Laden death scams are already all over Facebook.
Update May 3: malware is found on numerous sites optimized to show up on Web searches related to the event, also in scams on social networks like Facebook, Twitter & Co.