News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Blog Archives

  • Born: Broadcom botches the Symantec migration

    Posted on March 3rd, 2020 at 13:37 woody Comment on the AskWoody Lounge

    So Broadcom bought Symantec for $ 10 billion. Symantec becomes NortonLifeLock, another excellent example of wasted name recognition.

    As part of the transition, today, Broadcom abruptly cut off all links to the old Symantec site. People, uh, aren’t happy. Apparently they’re even having trouble buying new licenses for the old Symantec software.

    Günter Born has a rundown, which relies heavily on Catalin Cimpanu’s reporting. You’d think with a $10 billion budget they’d do a bit better.

  • Avast, caught selling users’ private data, will shut down the division that’s selling the data

    Posted on January 30th, 2020 at 09:16 woody Comment on the AskWoody Lounge

    So what do you do when your company’s caught selling the surfing data from its “Free” antivirus product?

    You shut down the division that sells the data, of course.

    Charlie Osborne on ZDNet:

    Avast is winding down its subsidiary Jumpshot following an explosive investigation into the sale of user data to third parties that may pose a risk to consumer privacy.

    On Thursday, the antivirus vendor said the unit will no longer have access to user information harvested from users of Avast products and services will eventually be fully terminated…

    Jumpshot reportedly has access to information from over 100 million devices; or rather, once did.

  • Enormous trove of Avast-gathered data being sold

    Posted on January 27th, 2020 at 09:18 woody Comment on the AskWoody Lounge

    Joseph Cox at Vice/Motherboard just published an eye-opener:

    Leaked Documents Expose the Secretive Market for Your Web Browsing Data

    An Avast antivirus subsidiary sells ‘Every search. Every click. Every buy. On every site.’ Its clients have included Home Depot, Google, Microsoft, Pepsi, and McKinsey.

    Our report relies on leaked user data, contracts, and other company documents that show the sale of this data is both highly sensitive and is in many cases supposed to remain confidential between the company selling the data and the clients purchasing it.

    Looks like PCMag.com joined in the investigation.

    Are you using Avast Free?

  • Born, BleepingComputer: Malwarebytes fixes AdwCleaner, removing a DLL hijacking vulnerability

    Posted on December 20th, 2019 at 08:42 woody Comment on the AskWoody Lounge

    Günter Born is at it again. This time he found a DLL hijacking vulnerability in Malwarebytes’ AdwCleaner 8.

    If Windows shows unwanted programs or displaying unwanted ads after installing software possible adware has been involved. In order to clean the system of this unwanted programs, the tool Malwarebytes AdwCleaner may be used (its free for private use)…

    When AdwCleaner runs with administrative permissions, the code from the loaded DLL files is also executed as a process with administrative permissions. Normally this works well, because Windows does not find the DLL files in the folder of the program and then searches in the Windows folders. But if a malware knows that a tool has a DLL hijacking vulnerability for certain DLLs, it only needs to store a file with the same name in the folder containing the application.

    Born notified Malwarebytes on Dec. 10 and they sent him a beta copy of a new version. That version also had a major DLL hijacking problem. Ultimately, Malwarebytes released a smarter version 8.0.1 without the security hole on Wednesday.

    There’s a detailed explanation of the vulnerability and its resolution in this Lawrence Abrams post on BleepingComputer.

  • Microsoft blinks: MS Security Essentials will be supported after Win7 hits end-of-life next month

    Posted on December 18th, 2019 at 07:43 woody Comment on the AskWoody Lounge

    At least, that was the promise.

    Nobody’s fixed the official documentation yet.

    Details in Computerworld Woody on Windows.

  • Avast snooping gets called out by Firefox

    Posted on December 3rd, 2019 at 07:25 woody Comment on the AskWoody Lounge

    And for good reason.

    Martin Brinkmann reports:

    If you search for Avast or AVG on the official Mozilla Add-ons website, you may notice that no results by these companies are returned. Neither Avast Online Security or SafePrice… are returned by the Store currently even though these extensions exist. It appears that Mozilla removed these extensions from its Store.

    He goes on to quote a security researcher (the creator of AdBlock Plus) who determined two months ago that Avast snoops like crazy:

    The data collected here goes far beyond merely exposing the sites that you visit and your search history. Tracking tab and window identifiers as well as your actions allows Avast to create a nearly precise reconstruction of your browsing behavior: how many tabs do you have open, what websites do you visit and when, how much time do you spend reading/watching the contents, what do you click there and when do you switch to another tab. All that is connected to a number of attributes allowing Avast to recognize you reliably, even a unique user identifier.

    Back in August, @satrow observed:

    They’ve been interfering with browser HTTPS connections for almost 5 years now.

    Seems like the chickens have come home to roost.

    Brinkmann says Avast extensions are still available in Chrome – but I can’t find any.

    (By the by… Avast owns AVG. Avast bought a majority stake in AVG more than three years ago. The products are similar, but not identical. Wouldn’t surprise me a bit if AVG were up to similar shenanigans.)

  • LangaList: How do you detect if your computer has a boot sector virus?

    Posted on November 20th, 2019 at 07:44 woody Comment on the AskWoody Lounge

    Another short, simple, down-to-earth article from Fred Langa.

    If you aren’t hooked up to Fred’s free post notification system, you’re missing a lot!

  • Born: Microsoft incorrectly signed the MSRT update that’s been bouncing around. It’s fixed now.

    Posted on November 14th, 2019 at 13:01 woody Comment on the AskWoody Lounge

    News on that infuriating MSRT update bug. If you recall, the version of KB 890830 that arrived on Patch Tuesday was all over the map. As I said in Computerworld:

    There are hundreds of reports online of people who found that the MSRT installer threw an 800B0109 and wouldn’t install; or installed but then reinstalled on reboot; showed up multiple times in the Installed Updates list; didn’t show up in the Installed Updates list in spite of running; and several variations on those themes.

    I also said that the bad patch was fixed on Tuesday night – but, at least for some people, it wasn’t.

    Now comes word from Günter Born about the root cause of the problem:

    Microsoft made a mistake signing the update package in question… KB 890830 is no longer available via Windows Update… Microsoft has updated the package (in the Update Catalog) for Windows 7 and Server 2008/r2 and replaced the faulty certificate.

    He reports that the newly updated (but not yet pushed) version installs correctly. (Actually, I should say “runs correctly,” because the MSRT programs just run, they don’t install anything.)

    UPDATE: @Speccy has observed that the problem isn’t with the certificate, but with our old friend the SHA-2 signing problem with Win7 patches. Looks like he’s right. Read more here.