Author Topic: bad news on heise.de (Read 3452 times)

Karl S. · « **on:** June 05, 2006, 12:48:14 PM »

http://www.heise.de/newsticker/meldung/73846

please you commentate.

thank you
Karl

ardvark · « **Reply #1 on:** June 05, 2006, 12:57:31 PM »

Hi Karl...

I'm afraid I can't comment on anything written in German

What is the jist?

Best Regards...

Karl S. · « **Reply #2 on:** June 05, 2006, 01:03:35 PM »

Oh, i´m shure you can read this webpage.
there you can find another adress:
http://www.frsirt.com/english/advisories/2006/2115
Karl

ardvark · « **Reply #3 on:** June 05, 2006, 01:11:17 PM »

Hi Karl...

Ah, much better

I can't comment on the particular flaw or any of the aspects concerning the coding, Vlk or Igor might be willing to address this the next time they log on.

However, a solution is listed and easily performed.

Best Regards...

Vlk · « **Reply #4 on:** June 05, 2006, 01:13:52 PM »

Well, there's not much we can say about that...

Here's the avast program history page
http://www.avast.com/eng/av4_revision_history.html

See the line
- temporarily disabled the CHM unpacker (for security reasons)

Seeing this line was enough for them to publish the above mentioned information (see the "Vulnerability reported by the vendor" note).

Anyway, the problem is there; it's in fact a Windows error - see http://secunia.com/advisories/20061 . Since avast uses this library, it (probably) has this error as well (well, not the error, but the consequences). So we decided to disable the CHM unpacker until the problem is sorted out by Microsoft (or we find a way to avoid it - which is not too likely though).

Hmm, this is how easy it is to generate some bad press... $:-\$

This sentence is completely unfair, and false: "Betroffene Anwender sollten daher erwägen, bis zur sauberen Fehlerbeseitigung durch Alwil auf einen anderen Virenscanner umzusteigen."

Cheers
Vlk

RejZoR · « **Reply #5 on:** June 05, 2006, 01:15:25 PM »

Of course they're aware of it, thats why they disabled CHM archives scanning, rather than leave it vulnerable. I'm sure they're working on it. CHM files aren't exactly super common, so there's really nothing to worry about.

hlecter · « **Reply #6 on:** June 05, 2006, 02:11:42 PM »

I read the Secunia Advisory pointed to by VLK.

I don't want to upgrade yet.

Would I be safe by putting chm files in exclusion-lists for now?
Or is there another workaround(other than upgrading.)?

Thanks
HL

igor · « **Reply #7 on:** June 05, 2006, 02:20:58 PM »

The exclusion list is not a solution - the file is recognized by content, not extension.
The only workaround, available in the Professional version of avast!, would be browse through all the tasks in Enhanced User Interface (especially the resident protection) and disable the CHM unpacker for all of them (and, not using Simple User Interface for archive scanning subsequently).

hlecter · « **Reply #8 on:** June 05, 2006, 02:57:01 PM »

Thanks, Igor.

Author Topic: bad news on heise.de (Read 3452 times)

Karl S.

bad news on heise.de

ardvark

Re: bad news on heise.de

Karl S.

Re: bad news on heise.de

ardvark

Re: bad news on heise.de

Vlk

Re: bad news on heise.de

RejZoR

Re: bad news on heise.de

hlecter

Re: bad news on heise.de

igor

Re: bad news on heise.de

hlecter

Re: bad news on heise.de