Author Topic: NEW Avast version 23.8  (Read 8528 times)

0 Members and 1 Guest are viewing this topic.

Offline midnight

  • Massive Poster
  • ****
  • Posts: 2473
Re: NEW Avast version 23.8
« Reply #15 on: August 30, 2023, 05:01:54 PM »
Updated this AM with no problems  :)
.

Offline lukas.hasik

  • Avast team
  • Advanced Poster
  • *
  • Posts: 931
  • Product manager of Avast Security for Windows
Re: NEW Avast version 23.8
« Reply #16 on: September 01, 2023, 09:20:13 PM »
Do these 'New Scan Smart detection capabilities' actually work in Avast Free, as in it does it do more than just report them and offer the paid Avast product ?

I rarely run the Smart Scan (or on-demand scans) outside of some questions in the forums, as it usually results in a recommendation for the Avast paid products.

The Identity scan checks your my.avast account email with our DB of leaked accounts+passwords. Obviously, you'll need the Avast Secure Identit product to get the issues resolved. (https://www.avast.com/en-us/secure-identity) otherwise you end up with a screen similar to the attached one where you where what leaked.
Quality is also a feature.

Offline lukas.hasik

  • Avast team
  • Advanced Poster
  • *
  • Posts: 931
  • Product manager of Avast Security for Windows
Re: NEW Avast version 23.8
« Reply #17 on: September 01, 2023, 09:27:38 PM »
Does the improved web protection also apply to the free version?

Those capabilities are based on the "Real Site" feature which is part of Premium package. Unfortunately, it's not available for Free users. And probably won;t ever be as there is a cost connected with the DNS servers that are needed to provide this functionality.

Need to correct my answer.... I was wrong - please read an update from David - https://forum.avast.com/index.php?topic=324671.msg1709220#msg1709220
« Last Edit: September 11, 2023, 04:17:15 PM by lukas.hasik »
Quality is also a feature.

Offline aree2

  • Newbie
  • *
  • Posts: 18
Re: NEW Avast version 23.8
« Reply #18 on: September 03, 2023, 01:54:13 AM »
It is unfortunate for me to say but within 15m of updating to this version I had a bluescreen of death with System Service Exception as the error. I set my windows folder as exempt to see if it would stop and it did.

Still that is a big security hole so if anyone else has had this happen, free version, please speak up so it's fixed fast.

Offline jursa

  • Avast team
  • Jr. Member
  • *
  • Posts: 39
Re: NEW Avast version 23.8
« Reply #19 on: September 06, 2023, 09:09:51 PM »
Does the improved web protection also apply to the free version?

Hi, yes it's included in both versions (the paid version contains an additional SecureDNS feature that can protect in a more generic way against DNS spoofing and DNS attacks). We have improved the DNS scanner and parser in Webshield component to detect/block multiple types of C2 communication via DNS traffic:
- Support for detecting C2 callbacks, data exfiltration and payload delivery through the TXT records
- Support for detecting DNS C2 tunneling through the malicious NS servers
- Scanner supports scanning of A, AAAA, PTR, NX, MX, TXT DNS records, both directions (depending on the signature)

This feature is mainly focused on post-infection stage of malware execution focused on sophisticated malware strains. For example, GuptiMiner uses DNS TXT payloads tunneled through valid SPF domains like spf.microsoft.com we weren't able to block/track in previous versions. This new feature also helps with cleaning the already infected system - the blocked process is immediately scanned by the engine/behavior shield and eventually deleted,quarantined,terminated,..

Those new detections are currently turned on only for particular malware families and they can be recognized by the dns:// prefix in block dialog, see attached screen.

Thnx, David.

Offline Nunzio77

  • Poster
  • *
  • Posts: 429
Re: NEW Avast version 23.8
« Reply #20 on: September 06, 2023, 11:14:04 PM »
Does the improved web protection also apply to the free version?

Hi, yes it's included in both versions (the paid version contains an additional SecureDNS feature that can protect in a more generic way against DNS spoofing and DNS attacks). We have improved the DNS scanner and parser in Webshield component to detect/block multiple types of C2 communication via DNS traffic:
- Support for detecting C2 callbacks, data exfiltration and payload delivery through the TXT records
- Support for detecting DNS C2 tunneling through the malicious NS servers
- Scanner supports scanning of A, AAAA, PTR, NX, MX, TXT DNS records, both directions (depending on the signature)

This feature is mainly focused on post-infection stage of malware execution focused on sophisticated malware strains. For example, GuptiMiner uses DNS TXT payloads tunneled through valid SPF domains like spf.microsoft.com we weren't able to block/track in previous versions. This new feature also helps with cleaning the already infected system - the blocked process is immediately scanned by the engine/behavior shield and eventually deleted,quarantined,terminated,..

Those new detections are currently turned on only for particular malware families and they can be recognized by the dns:// prefix in block dialog, see attached screen.

Thnx, David.

Thanks a lot! 🙂
Thank you and good day!
Nunzio
----------------------------
Avast Free - Windows 10 Pro-32 Bit, Intel Core2 Duo CPU T7500, RAM 4 Gb, SDD 512 Gb, ATI Mobile Radeon HD 2400 - Avast Mobile Security Free - Smartphone Android