Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 2861058 times)

0 Members and 2 Guests are viewing this topic.

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3900 on: July 15, 2015, 08:13:57 PM »
But there are others that find it hard to mitigate because lack of an alternative. Large department stores with XP driven cash systems are left out in the cold.
And I agree with you there are millions out there that should not have a "puter" because the way they run it is endangering themselves and others also. Driving an OS without a license should be considered as an offense.

polonus

Well in the UK as far as I'm aware, The National Health Service (NHS) are paying a lot of money so that their XP systems continue to be updated. This is the same as some large companies paying for support for their XP Point Of Sale (POS) systems.

This has lead to the SP4 Hack so XP systems can continue receiving XP POS updates, no doubt in due course MS will kill this hack to try and drive them towards win10 purchase as they won't be eligible for a free OS Upgrade (as legit versions of Win7 and win8.x are).
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3902 on: July 16, 2015, 07:11:17 PM »
But there are others that find it hard to mitigate because lack of an alternative. Large department stores with XP driven cash systems are left out in the cold.
And I agree with you there are millions out there that should not have a "puter" because the way they run it is endangering themselves and others also. Driving an OS without a license should be considered as an offense.

polonus
The Unofficial SP4 for Windows XP: http://www.ryanvm.net/forum/viewtopic.php?t=10321&postdays=0&postorder=asc&start=0
Extends updates for an additional 5 years. I would still recommend upgrading but, if that's not possible,
this is better than the alternative: No Updates....
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3903 on: July 17, 2015, 12:21:37 PM »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3904 on: July 17, 2015, 12:38:02 PM »
No-one needs flash anymore
Agreed Pol, I droped it several months ago and don't miss it... ;)
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Secondmineboy

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3645
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3905 on: July 17, 2015, 12:48:03 PM »
Still installed on my end, no malware or exploit yet :D
Windows 10 1909, 4 GB DDR3 RAM, 500 GB 5400 RPM HDD, 1366 by 768 LCD Screen, Intel Core i3 5010U Dual Core, Intel HD Graphics 5500
HUAWEI P30 Pro. Android 10

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3906 on: July 17, 2015, 12:55:09 PM »
Hi Steven Winderlich,

You were lucky then as you know that adobe flash needs constant updating and then again no one needs it now for vids or whatever.
So I hope it will not "zombie"upon you. Just an example of what can happen with exploits. Here is a scan: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fblackorwhite.nl%2F where I searched for "comment", with at the bak of my head what was proposed here: http://blog.9bplus.com/if-i-were-an-attacker-third-party-js-librarie/  I am not an attacker, but just now imagine how easily this could have been done. Always remember those that want to protect just need the whole manual to get full protection an attacker just nbeeds one little wormhole.

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Secondmineboy

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3645
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3907 on: July 17, 2015, 12:58:37 PM »
I still have Flash and Java installed and Avast or me myself keep it up-to-date as much as possible :)
Windows 10 1909, 4 GB DDR3 RAM, 500 GB 5400 RPM HDD, 1366 by 768 LCD Screen, Intel Core i3 5010U Dual Core, Intel HD Graphics 5500
HUAWEI P30 Pro. Android 10

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3908 on: July 17, 2015, 03:36:57 PM »
I still have Flash and Java installed and Avast or me myself keep it up-to-date as much as possible :)
The problem is that the updates only happen after another vulnerability has been discovered and left you exposed:(
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3909 on: July 17, 2015, 03:44:42 PM »
No-one needs flash anymore: https://support.google.com/chrome/answer/108086?hl=en

polonus

Flash isn't dead at all:
Quote from: 'Google Chrome Article'
Adobe Flash Player is directly integrated with Google Chrome and enabled by default. Available updates for Adobe Flash Player are automatically included in Chrome system updates.

A.) It's still there, you just don't see it any more in Chrome, but it is there and updated as part of Chrome.
B) You have got to be using Chrome, so that isn't going to happen for everyone (me for one).

I still have Flash and Java installed and Avast or me myself keep it up-to-date as much as possible :)
The problem is that the updates only happen after another vulnerability has been discovered and left you exposed:(

So the same is true of Chrome&Flash, vulnerabilities can still be exploited before Chrome is updated.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3910 on: July 17, 2015, 04:14:20 PM »
No-one needs flash anymore: https://support.google.com/chrome/answer/108086?hl=en

polonus

Flash isn't dead at all:
Quote from: 'Google Chrome Article'
Adobe Flash Player is directly integrated with Google Chrome and enabled by default. Available updates for Adobe Flash Player are automatically included in Chrome system updates.

A.) It's still there, you just don't see it any more in Chrome, but it is there and updated as part of Chrome.
B) You have got to be using Chrome, so that isn't going to happen for everyone (me for one).

I still have Flash and Java installed and Avast or me myself keep it up-to-date as much as possible :)
The problem is that the updates only happen after another vulnerability has been discovered and left you exposed:(

So the same is true of Chrome&Flash, vulnerabilities can still be exploited before Chrome is updated.
That's why you also run Flashcontrol in Chrome. :) 
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3911 on: July 17, 2015, 04:52:52 PM »
No-one needs flash anymore: https://support.google.com/chrome/answer/108086?hl=en

polonus

Flash isn't dead at all:
Quote from: 'Google Chrome Article'
Adobe Flash Player is directly integrated with Google Chrome and enabled by default. Available updates for Adobe Flash Player are automatically included in Chrome system updates.

A.) It's still there, you just don't see it any more in Chrome, but it is there and updated as part of Chrome.
B) You have got to be using Chrome, so that isn't going to happen for everyone (me for one).

I still have Flash and Java installed and Avast or me myself keep it up-to-date as much as possible :)
The problem is that the updates only happen after another vulnerability has been discovered and left you exposed:(

So the same is true of Chrome&Flash, vulnerabilities can still be exploited before Chrome is updated.
That's why you also run Flashcontrol in Chrome. :) 

Yes, but you miss my point Flash is still present, as are potential vulnerabilities which could be exploited. How are you to know that there isn't a potential vulnerability when you give flashcontrol the OK to load it.

It may well limit the risk but it doesn't completely remove it.

NoScript can also restrict the running of Flash (and JAVA if you have that too), also in the Flash Player settings you can restrict it from storing data on your system.

So there are ways to limit risk, but not completely remove it, this is why hard disk imaging is the way to go for a backup and recovery strategy.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3912 on: July 17, 2015, 11:49:28 PM »
ILOVEYOU – SPAM

https://blog.malwarebytes.org/social-engineering/2015/07/iloveyou-spam/?utm_source=Gplus&utm_medium=social

Concerning "flash" or anything else as far as that goes, "nothing gets fixed until it's broke".
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline ehmen

  • Poster
  • *
  • Posts: 498
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3913 on: July 19, 2015, 05:13:43 AM »
Steer clear of low-tech hacks: How to keep your information safe
http://www.cnet.com/news/steering-clear-of-low-tech-hacks/

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #3914 on: July 19, 2015, 09:50:26 AM »
Mitnick proved that social engineering was and is an enormous threat and a prelude to all types of compromittal.
Get the uninformed ignorant persons to tell details they should not share with anyone can mean the difference between a succeeded attack and a trial run. Re: http://wiki.cas.mcmaster.ca/index.php/The_Mitnick_attack

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!