Automatic updates and features enabled without permission in Avast 12

[Orava Puu]

Hello,

My Avast version is 12.1.2272. Today I noticed that the program had enabled the automatic software updates and turned on many features I don't need:
- Passwords
- HTTPS checking (sadly this is blocking many non-harmful websites)
- Prevent malware URLs
- Take part in the Avast community and send information anonymously to Avast.

I turned them off, but they are always re-enabled within a couple of hours. What's going on?

[DavidR]

I have been using Avast for over 18 years and for the most part, I have had my Program Updates set to Manual and haven't suffered any forced/automatic updates.

But then again I'm not running what is most likely an unsupported avast version 12.1.2272, I don't know if that might be the cause.  Or why you are sticking with such an old version (21 June 2016).

Since you don't mention any of the sites, plus I don't know what non-harmful site (today's safe site could be tomorrows hacked site) is or why avast would be blocking.

Even Windows XP can go up to avast 18.8.xxxx.

[Orava Puu]

I have been using Avast for over 18 years and for the most part, I have had my Program Updates set to Manual and haven't suffered any forced/automatic updates.

But then again I'm not running what is most likely an unsupported avast version 12.1.2272, I don't know if that might be the cause.  Or why you are sticking with such an old version (21 June 2016).

Since you don't mention any of the sites, plus I don't know what non-harmful site (today's safe site could be tomorrows hacked site) is or why avast would be blocking.

Even Windows XP can go up to avast 18.8.xxxx.

Hello! I'm using Avast 12, because it's been problem-free for many years on my Windows 8.1. "If it ain't broke, do not fix it". 

HTTPS scanning: So far, I've had problems with myaccount.google.com, pinnacle.com and allmusic.com. I get "This site can’t provide a secure connection" error message on Google Chrome.

[Asyn]

Dev-Info:

1. Avast version X is released, https scanning works for the current version of the browser(s)
2. A new version of the browser is released - with internal changes that prevent Avast https scanning from working
3. Avast version X+1 is released, with updated code to make https scanning work again

There's no way to avoid that (it's happening because there's no "supported" way of scanning browser traffic, i.e. no API - so WebShield, and especially https scanning, has to rely on some internal stuff of the browsers). So yes, Avast supports HTTPS scanning - by updating the code and releasing it as a new version.

So I have to repeat again - the only way to stay as safe as possible is to use the latest versions of the program. If you stay on an older version, you are at risk that some features stop working (because of changes in 3rd party software, i.e. out of our control), the antivirus may not be effective against latest threats (of course the antivirus core responds to the latest development in the world of malware in each version - so older version may not be able to "see" some things), and you may be vulnerable to some security bugs in the antivirus itself (which again we fix once we learn them - and the fix is released as new versions).

[DavidR]

@  Orava Puu

The HTTPS protocol (is constantly evolving) has also been updated to make it more secure, so the very old version of Avast that you have may not support the latest HTTPS if sites are using it.

As you say "If it ain't broke, do not fix it", well it appears to be broken in certain cases if sites are using the latest versions of HTTPS protocol/connection.

I have had no problem connecting to all three sites that you gave, myaccount.google.com, pinnacle.com and allmusic.com.  I don't use Chrome, but the latest version of Firefox.

Do you keep you're browser up to date as they to might be trying to use the latest HTTPS protocols ?

Interestingly, I don't have the very latest version of Avast 22.4.xxxx but Avast Free 22.2.6003 (two months adrift).  I monitor the forums and program update notifications and look at what has been fixed/updated and if that impacts me or not.  Let it soak for a while and then do a manual program update, but not 6 years.

[Orava Puu]

Thanks for your replies Asyn and DavidR (you're not David Rowntree, my favourite drummer? ) Now I understand why the HTTPS scanning isn't working as desired on my system.

Sadly I still cannot disable automatic updates. I wonder why? Is it because of the 3rd party software you use? If that's so, it's pretty worrying the program can now update itself without your control. Is there any way to prevent these silent updates from happening in the future?

I understand I should update to the latest version of Avast, but I fear there will be incompatibility issues with my current software. I've worked hard to get my system as stable as possible.

[Asyn]

Thanks for your replies Asyn and DavidR (you're not David Rowntree, my favourite drummer? ) Now I understand why the HTTPS scanning isn't working as desired on my system.

You're welcome. I'll leave it to Dave to answer the drummer question.

[Asyn]

I understand I should update to the latest version of Avast, but I fear there will be incompatibility issues with my current software. I've worked hard to get my system as stable as possible.

Well, I also run W8.1 and no issues here (even with the latest beta).

[DavidR]

Thanks for your replies Asyn and DavidR (you're not David Rowntree, my favourite drummer? ) Now I understand why the HTTPS scanning isn't working as desired on my system.

You're welcome.

Your right I'm not David Rowntree.

Unfortunately Computing, security and the Internet marches on apace so we just can't ignore that change.
There are times when emergency updates might be released to cover vulnerabilities/new threats, etc. and I (as an Avast User) think these fall outside of the regular Program Update settings.  These emergency updates would most likely require a system restart to take effect.

One thing I'm sure of I have never has a forced Program update (emergency updates aside) since I set Program Updates to Manual.  I can't see how this would have been a regular program update if you still have "Avast version is 12.1.2272" as you mentioned.