Slashdot Mirror
Avira Premium Anti-Virus Bug Disables Windows Machines
New submitter Adesso writes "Anti-virus vendor Avira is having difficulty with an update of all their Premium customers. An update that has been downloaded over 70 million times is causing the 32-bit version of Windows to block almost all critical applications. Avira has responded promptly with an interim solution for this problem. In most cases this causes Windows to not boot properly."
Couldn't we be using Avira at work?
Then I could go home and play Diablo.
I like you, Stuart. You're not like everyone else, here, at Slashdot.
I guess that's one more to add to my list of AV products I recommend against.
But hey, they'll give you a month free subscription for your troubles*.
*Hyperbole, they'll most likely give users nothing.
Cheers!
"Helping to keep you two steps ahead of the Thought Police!"
When AVG caused a boot failure several years ago I switched started switching everyone who asked to Microsoft Security Essentials; still seems to be the best free one. At work I'm happy with NOD32; I suppose that they could have a similar problem, but they've been really good so far.
This is a very effective security measure. If your system cannot boot it cannot get infected.
It's a classic case of artificial intelligence vs. human stupidity. The artificial intelligence algorithm employed by Avira for keeping computers secure has determined that the only way to achieve real security for most users it's to turn the PC into a brick. Some people are simply too stupid to wander online unsupervised, so it's for their own protection. If you can restore your computer to normal operation, you have just passed the test and you are worthy of computer access.
Erh... no.
Anti-virus programs cannot stop you from getting viruses. They can only react after the fact. Their updates are by necessity reactive: a virus appears, and it takes time to update definition files to detect it.
First of all, there is very, very little "new" malware. Ok, there's lots, but very, very little thereof actually becomes a problem. There are only so many that actually become a worldwide problem. What happens is that big malware packages that actually constitute a problem come in thousands, if not millions, of variants. Often just differing in some minor points, like their C&C server, their encryption, their packaging... think of a biological virus that mutates just a little while having essentially the same payload. Modern AV toolkits come with very sophisticated heuristic algorithms that can to some extent find simple mutations easily, as you can easily see if you watch the various AV kit tests closely. To test it, they take a signature file from a few months ago and test how many of the more recent attacks they can identify. It's not perfect, but some come close to 95%. No, that is not perfect. But we're far from "can only identify after the fact".
And even once that happens, once ring0 is compromised on a box, it is not possible to trust that box again without a full OS reinstall. Anti-virus programs can attempt to clean things up, OK for casual web browsing, but not for anything you must trust. The only safe recovery is a reinstall.
There is always the option to boot your machine with a known-clean OS and run a scan, which is bundled with pretty much all AV toolkits worth their salt today. Usually the CD you get with your AV toolkit is a Linux boot disc with a fitting scanner, most of the time working in a way that you slip in the DVD, boot the machine, get updates for the signature and have it scan your machine. If you don't feel like buying a AV toolkit, some of those scanners are also available online or as part of computer magazines.
The only way to practice safe computing is to *not run malicious software* in the first place. This is fortunately not difficult to do.
This is unfortunately NOT possible to do. At least if running Windows. And only because Windows is the prime target, dear Mac/Linux fanboys, those systems are by no means any safer. Just less interesting as a target.
You do NOT know whether the browser you use or any plugin it uses has any security holes. Adobe has recently been notorious for having security holes in its PDF reader and Flash Player for browsers. Now, you can of course avoid reading PDFs and watch Flash ... well, actually, often you can NOT. Many whitepapers only come in PDF format and more and more webpages are simply inaccessible without Flash. Now, of course you can run a few different browsers, each with different sets of plugins and whatnot... which still does not constitute perfect security.
The human brain is the only perfect anti-virus utility in existence.
You expect the average computer user to use it? I do not know what rays come out of computers, but it must be some kind of stupifying rays, they can turn people holding PhDs into bumbling fools. The alien mindbenders from Zak McKracken could not have come up with a better device.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
My list of serious bugs in AV products:
Panda (ancient versions) - failed to install correctly, impossible to uninstall. Two botched Windows XP installations.
BitDefender (relatively recent) - very messed-up definition file marked ALL executables as infected, putting them in quarantine. I still have the feeling any malicious executables would not have been marked.
Kaspersky 2012 - screws up Windows Home Server (v.1 and 2011) connector, has to be disabled for backups to work
McAfee - Won't even protect anything if the license has expired. Still bloats up your computer, though.
Norton - everything you've heard is true. It's impossible to uninstall, it's a resource hog, blocks stuff randomly...
The one exception so far is MSE - considering the amount of malware the others have caught so far (less than 10 times, if you count tests as detections), how light it is and how it doesn't piss you off, it's my favorite.