Author Topic: Is Avast Free sufficient protection for Windows XP SP 2 with Updates turned off?  (Read 10756 times)

0 Members and 1 Guest are viewing this topic.

Offline ITNoob65

  • Newbie
  • *
  • Posts: 17
Hi Guys,

I tried googling and searching several forums but wasn't able to get anything concrete.

If I'm running a Windows XP machine with SP 2 or 3 and automatic updates turned off, is it safe to browse the web? I was reading a post on tom's hardware that said every site you visit can tell which OS you are using. But let's say I'm going to my bank's website. The data is encrypted right (https)?, so how would the operating system matter? Is there some connection between the OS and the browser?

Thanks.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37010
Why have you turned off updates?

Some info may be found here  http://forum.avast.com/index.php?topic=145320.0



Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31309
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Right click "my computer" > properties and it will tell you the service pack installed.

Offline ITNoob65

  • Newbie
  • *
  • Posts: 17
Thanks, I read that thread. I rather not say why my updates are turned off. Because I haven't been using Windows updates, I don't know if there has been any patches or fixes that make the web browsing experience any safer..and thanks eddy it's SP 2

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31309
  • Watching (over?) you
    • Malware removal, Biljart and other things.
First thing to do is installing SP3 and all (security) updates released after that.
They will patch security holes and make your system more safe.
You also need to turn on the automatic updates.

Offline ITNoob65

  • Newbie
  • *
  • Posts: 17
ok thanks

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 84896
  • No support PMs thanks
Thanks, I read that thread. I rather not say why my updates are turned off. Because I haven't been using Windows updates, I don't know if there has been any patches or fixes that make the web browsing experience any safer..and thanks eddy it's SP 2

Well with SP2 you won't be getting any updates switched on or not, updates for XP were stopped some time ago unless you had SP3 installed. With that support ending in April this year you only have a short time frame to get SP3 and any other security updates after SP3 installed.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline ITNoob65

  • Newbie
  • *
  • Posts: 17
Ok thanks David, I think I will take my chances with SP 2 with automatic updates turned off. I haven't had any issues and I'm hopeful that Avast Free is sufficient protection.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37010

Offline ITNoob65

  • Newbie
  • *
  • Posts: 17
beautiful, thanks Pondus

Offline ITNoob65

  • Newbie
  • *
  • Posts: 17
Many of those hotfixes don't apply in my case but there are some security updates that sound scary such as:

"MS08-001: Vulnerability in TCP/IP could allow remote code execution
MS06-057: Vulnerability in Windows Explorer could allow remote code execution
MS06-036: A vulnerability in the DHCP Client Service could allow remote code execution
MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe could allow remote code execution"

I don't know what they mean but wouldn't those things be picked up by Avast if someone was trying to intrude on my network?

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6830
  • When you think you know, Think Again
Many of those hotfixes don't apply in my case but there are some security updates that sound scary such as:

"MS08-001: Vulnerability in TCP/IP could allow remote code execution
MS06-057: Vulnerability in Windows Explorer could allow remote code execution
MS06-036: A vulnerability in the DHCP Client Service could allow remote code execution
MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe could allow remote code execution"

I don't know what they mean but wouldn't those things be picked up by Avast if someone was trying to intrude on my network?

The way I understand Security Patches to an OS.
A Security Software Program whether Anti Malware/ Anti Virus/or Firewall does not protect from the vulnerabilities discovered in an Operating System that the Security Patches address.
You are talking Apples and Oranges. While a strong layered Secuity profile including Anti Virus will help this still does not address the OS vulnerabilities. :)
***HP ENVY 15K LT W10 Pro 20H2 64Bit/750GB HD/16GB Ram/Avast Premium 21.4.2462b/Secureline VPN v.5.11.5502b/ADU v.21.1b/ASB v.90b/ACP 21.1b/ SANDBOXIE-plus/MailWasherPRO
**HP Compaq 8510p LT W10 Pro 20H2 64Bit/1TB HD/8GB Ram/Avast Premium 21.4.2462b/ADU v.21.1b/ACP 21.1b/SANDBOXIE/MailWasherPRO/HotSpot Shield
     
*Dell Inspiron XPsp4 PRO 32Bit/Avast(since 2002)18.8.2356/WP/Comodo FW 3.14/Secureline/Comodo IceDragon v.40
LAYERED SECURITY SOFTWARE

Offline ITNoob65

  • Newbie
  • *
  • Posts: 17
ok Thanks Schmidt

Offline waking

  • Sr. Member
  • ****
  • Posts: 365

With that support ending in April this year you only have a short time frame to get SP3 and any other security updates after SP3 installed.

I think that may be inaccurate. MS will not be issuing any *new* patches for XP after April but the *existing* service packs and patches will likely be available for quite some time after that. I haven't seen MS suddenly yank all existing patches and SPs for older software versions as soon as active support ends.


Offline waking

  • Sr. Member
  • ****
  • Posts: 365

A Security Software Program whether Anti Malware/ Anti Virus/or Firewall does not protect from the vulnerabilities discovered in an Operating System that the Security Patches address.

Well, I think that depends on a number of factors. First off, a newly discovered and newly exploited vulnerability may not get detected when first released to "the wild". So if such a vulnerability can be eliminated proactively by patching the OS *before* an exploit starts circulating then that's ideal.

Once an exploit is identified, most top-tier AV/IS products will detect and block that exploit. So an AV can and will offer some protection against exploits of OS vulnerabilities. See:

2012 Consumer AV/EPP Comparative Analysis - Exploit Protection
https://www.nsslabs.com/reports/2012-consumer-avepp-comparative-analysis-exploit-protection

Additionally, products such as EMET may afford some protection against new exploits of unpatched vulnerabilities by disrupting the typical methods used by exploits to attack most Windows vulnerabilties. It appears that Kaspersky for one also attempts similar interceptions and disruptions of common exploit behavior via Automatic Exploit Prevention.

See:

Automatic Exploit Prevention Technology
www.kaspersky.com/downloads/pdf/kaspersky_lab_whitepaper_automatic_exploit_prevention_eng_final.pdf

www.mrg-effitas.com/wp-content/uploads/2012/06/MRG-Effitas-Exploit-Prevention-Test1.pdf

« Last Edit: February 02, 2014, 09:17:40 AM by waking »