AVG Free 9 offers speed, lacks etiquette
After giving its paying customers a few weeks to upgrade to version 9, AVG has announced its update for AVG Free 9.
For those unfamiliar with the popular freeware security tool, it provides only the bare necessities for protecting your PC, but that should be enough for savvy Windows users. AVG Free 9 introduces few new features, with improvements focused on performance, including claims of faster scan and boot times. AVG is claiming that scans are 50 percent faster compared with AVG 8.

That ad in AVG Free 9 can be easily hidden.
(Credit: Screenshot by Seth Rosenblatt/CNET)
AVG comes with a combined antivirus and antimalware engine, the proprietary LinkScanner for Web browsing safety, and e-mail scanning. Developed independently and bought by AVG in 2007, the LinkScanner tech performs two functions. It protects you from third-party code exploits before they load in your browser and it ranks search results.
Annoyingly, the AVG LinkScanner toolbar commandeers your default search choice and your home page, decidedly inappropriate behavior that a security vendor should really know better than to do. LinkScanner can be downloaded separately from AVG, too. The scheduler is robust, automating both scans and updates with multiple options.
The interface in AVG Free 9 remains nearly untouched from the last version, and generally it's easy to use. From the main window, though, you must double-click to get further information on any feature, whether virus scanning, LinkScanner settings, or updating. Streamlining this to one click would be helpful.

LinkScanner gives AVG some useful browsing protections, but it also overwrites your home page and search engine.
(Credit: Screenshot by Seth Rosenblatt/CNET)
When starting a scan, a slider makes it easy to jump between Slow, Automatic, and Fast scans: the faster the scan, the less comprehensive it is, so it's a good idea to take the program's advice and optimize your scans when you install. This will make that first scan faster. A slow scan took nearly two hours, while the fast scan completed in under an hour. A progress meter for these regular scans would've been useful, though. Should a virus create serious problems, AVG creates a rescue disk to scan your computer in MS-DOS mode.
Besides the LinkScanner problem, there are some other concerns with AVG. It doesn't tax your system in an obvious way when scanning or when running in the background, although CNET Labs determined that it will significantly slow down your system's boot time and will slightly delay shutting down. AVG detected some image files as threats, when two other security programs decided they weren't--these were fairly obvious false positives. There is an advertisement to upgrade at the bottom of the program window, but it can be easily hidden using the Hide Notification button.
AVG might not be the fastest or the most effective free security option, but it still gets the job done and you're better off with it.


Opera prepares Unite for release
Opera Unite was going to change the Web, according to the hype from the Norwegian browser maker. Despite only being available for a number of months in a beta separate from the main Opera build--and the Internet looking more or less like the same place in the aftermath--the release of Opera 10.10 beta for Windows, Mac, and Linux indicates that Unite is about to become a standard Opera feature.

File sharing from the first Opera Unite beta in June 2009.
(Credit: Screenshot by Seth Rosenblatt/CNET)
Unite is basically a peer-to-peer system designed through the browser, but its API allows users to create feature-rich apps using only HTML, CSS, and JavaScript. By default, Unite comes with six apps: photo sharing, an instant messenger based around My Opera, file sharing, a Web server, a media player, and "the fridge," a communal place to share short notes with friends. When Unite was released during the pre-Opera 10 beta testing period over the past summer, it was generally stable and didn't significantly impact Opera's performance. A free My Opera account is required to use the Unite features.


WinZip 14 preps for Windows 7
One of the best-known Windows utilities, archive creator and manager WinZip updates to version 14 with the future in mind--the future of Windows. The new features in WinZip 14 are aimed squarely at Windows 7 users, with extensive support for Windows 7 libraries, recent archives in the jumplist, and tool tweaks to bring them more in line with the new operating system. Certain file types can be previewed from within an archive in Windows Explorer, and basic touch screen support.

WinZip 14 includes extensive Windows 7 support.
(Credit: Screenshot by Seth Rosenblatt/CNET)
With archive previews, you can click on an archive and the files it contains will appear in list form in the preview window. The jumplist features your most recently opened archives from across your system, tasks such as opening an existing archive, creating a new one, creating a new WinZip job, and burning a new ZIP to CD or DVD.
Included in those WinZip jobs are linking Windows 7's libraries to ZIP files, making it possible to keep up-to-date archives of specific files or entire libraries. The job scheduler and automatic e-mail options are restricted to WinZip Pro, but it's still handy to be able to create and run library archives.
WinZip 14 also includes minor security enhancements. New automatic wiping keeps confidential data secret by "shredding" the temporary file that WinZip creates by default whenever it opens an archive. This prevents those temporary files from being recovered. The shredding uses U.S. Department of Defense standard DoD 5220.22-M.

WinZip 14 archive preview in Windows 7
(Credit: Screenshot by Seth Rosenblatt/CNET)
WinZip 14 now also supports the built-in AES encryption in Intel-based computers, speeding up the time it takes to encrypt an archive. This builds on the encryption overhaul from last year's version, which included customizable password requirements and enhancements for determining how, if at all, encryption would be enforced.
WinZip 14 retains its large feature set, including drag-and-drop support, content-sensitive previews, better JPEG compression that can see JPEG-only archives up to 20 percent smaller, Zip from Camera, and the deep context menu support enables you to perform most of WinZip's functions on the fly. Zip from Camera, and automated archiving for backup purposes, are limited to the paid upgrade, as is rotating and resizing of images within an archive. Keep in mind that multitouch support on Windows 7 is limited to rotating pictures previewed from WinZip archives.
While installing you should keep an eye out for the Google Toolbar and the "WinZip Computing" that collects anonymous usage data--both are opt-out screens. Even with these drawbacks and the useful features that are restricted to WinZip Pro, WinZip 14 remains among the best compression programs available, providing all the features necessary to create easy backups, compress e-mail files, and manage downloaded files from the Internet.


Critical Windows 7 holes fixed in record Patch Tuesday
Microsoft released a record number of 13 bulletins for 34 vulnerabilities on Patch Tuesday--and the first critical update for Windows 7--as well as fixes for zero-day flaws involving Server Message Block (SMB) and Internet Information Services (IIS).
The most severe of the three SMB flaws, which were first reported last month, could allow an attacker to take control of a computer remotely by sending a specially crafted SMB packet to a computer running the Server service. Exploit code for one of the SMB holes has been posted to the Web, Microsoft said.

Windows 7 is affected by two critical patches intended to mend vulnerabilities that could allow remote code execution if a malicious Web page were viewed, one part of a cumulative security update for Internet Explorer and the other in .Net Framework and Silverlight.
The official release date for Windows 7 is October 22, but the new operating system has been available to some large businesses with volume licenses since the summer. The code was finalized in July.
Other critical patches in the security bulletin for October fix a vulnerability in Windows Media Runtime that could be exploited if a user opened a malicious media file or received malicious streaming content from a Web site or application, and if a specially crafted ASF (Advanced Systems Format) file is played using Windows Media Player 6.4.
Among the critical updates: a cumulative security update of ActiveX Kill Bits that is being exploited and that affects ActiveX controls compiled using Active Template Library (ATL); and another patch resolving several vulnerabilities in ATL ActiveX Controls that could allow remote code execution if a user loaded a malicious component or control. ActiveX and ATLs were the subject of an emergency patch Microsoft released in July.
The final critical bulletin fixes a hole in Windows GDI+ (Graphics Device Interface) that could allow an attacker to take control of a computer if the user viewed a malicious image file using affected software or browsed a malicious Web page.
"Microsoft has repeatedly had to fix problems related to the Graphics Device Interface in Windows, and vulnerabilities in the component have been exploited broadly in the past. We can expect that security researchers will be looking to reverse-engineer today's patches, which may very well lead to exploits being created," said Dave Marcus, director of security research and communications at McAfee Labs.
Related "For the Record" podcast, with Symantec's Ben Greenbaum
Listen now: Download today's podcast
Nine of the vulnerabilities were previously disclosed, which meant that attackers had time to come up with so-called "zero-day" exploits before the patches were available, Marcus noted.
The most alarming vulnerability in the mix is the SMB flaw, which was introduced by the patch for a different vulnerability, according to Josh Phillips, virus researcher at Kaspersky Lab.
Andrew Storms, director of security operations at nCircle, said the bug that is likely to have the biggest impact will be the critical one that affects Windows Media Runtime and involves a speech codec bug that has limited exploits in the wild. "This is a typical file-parsing issue and similar to vulnerabilities that have allowed attackers to create drive-by attacks that infect unsuspecting video viewers," he said.
Meanwhile, the critical SMB vulnerability is relatively difficult to exploit given default firewall conditions, but the IIS bugs are easy to exploit, Storms added.
"The sheer volume of the bulletins and patches is extreme," said Jason Miller, senior data team leader for Shavlik Technologies. "This is really going to affect administrators. It's going to be very challenging because of the time and research that's going to be needed" to patch systems.
Also released were five bulletins rated "important" to fix vulnerabilities in IIS, for which exploit code has been publicly released and for which there have been limited attacks, along with Windows CryptoAPI, Windows Indexing Service, Windows Kernel, and Local Security Authority Subsystem Service.
The update for Windows CryptoAPI relates to flaws in the way domain names are verified on the Internet, which could allow attackers to impersonate a site and steal information from unsuspecting Web surfers. The holes were revealed by researchers Dan Kaminsky and Moxie Marlinspike at Defcon in August.
Affected software includes Windows 7; Windows 2000; Windows XP; Windows Vista; Server 2003 and 2008; Office XP, 2003, and 2007; Microsoft Office System; SQL Server 2000 and 2005; Silverlight; Visual Studio .Net 2003; Visual Studio 2005 and 2008; Visual FoxPro 8.0 and 9.0; Microsoft Report Viewer 2005 and 2008; Forefront Client Security 1.0; and Office software including Visio, Project, Word Viewer, and Works.
The installation also removes the Win/FakeScanti Trojan, which displays fake malware warnings and then asks computer users to pay for fake antivirus software.


New Ad-Aware offers behavioral detection
Lavasoft has updated its popular malware and spyware detection and removal tool Ad-Aware. Rather than a dramatic redo, version 8.1 builds on the improvements made in the previous version. The new version is faster, has better removal abilities, and introduces a behavioral detection engine.
Ad-Aware 8

Called Genotype, Ad-Aware's heuristic-based behavioral detection engine isn't explicitly called out in the interface. However, I noticed that files that had been flagged falsely as threats in earlier versions were no longer called out as such, and the Quick Scan was able to complete in about three minutes, as opposed to 10 minutes in the previous version. These are empirical observations, of course, but this version's improvements should be easy to see for longtime users of Ad-Aware.
Removal techniques have also been improved. Lavasoft is calling the new system Neutralizer, although it's not called out as such in the program interface. What users will see is a "family" of grouped similar threats, such as cookies, the category of the threat, and the action taken. The program defaults to the Recommended action, which means you need to click on the drop-down menu to the right of the listing to see what action will be taken on a per-threat basis. The big action buttons introduced in version 8 still reside at the bottom of the window, which feels further than necessary--it'd be better to have the action button closer to where the mouse already is, at the top of the window.
There is one big change to the interface in v8.1. At the bottom left corner of the window, there's a toggle to switch between Simple mode and Advanced mode. Simple mode is for users who are set-it-and-forget-it types, with fewer options displayed. Advanced mode allows for deeper settings customization. There's also a gaming mode, so that full protection continues to run while you play games or watch videos, but detected threats won't interrupt your entertainment until you're done.

Ad-Aware's new Advanced mode, presenting more options by default.
(Credit: Screenshot by Seth Rosenblatt/CNET)
Fans of personalization get more skin action in this version, too. In addition to the included skins, the community support offered at MyLavaSoft now includes community-sourced translations and skins.
However, fans of the free version do not get all the features available in the paid upgrades. Antivirus is only for paying customers, and while rootkit detection is present, behavior-based heuristics and real-time registry protection are not. Ad-Aware Free cannot scan networked drives, and even a basic feature like the scheduler remains off-limits in the free version. The Ad-Aware toolbox for system tweaks is only available in the Pro version. I encountered a pop-up for the upgrade, although Lavasoft told me that this was an infrequent occurrence. Ad-Aware Plus is available for $26.95, and Ad-Aware Pro is $39.95, and both have a 30-day trial.


Next Firefox can detect computer orientation

The upcoming version 3.6 of Firefox will be able to tell if you're listing to starboard--and pass that information along to applications running in the browser.
That's because the browser will be able to detect the orientation of laptops and mobile devices equipped with accelerometers that can tell which way is down. The reason for the work: Web applications running in the browser will be able to use the information, useful for labyrinth-type games with virtual marbles rolling around boards, and any number of other gaming situations.

A demonstration application that shows Firefox adjusting a Web page graphic according to how a MacBook is tilted.
(Credit: Screenshot by Stephen Shankland/CNET)
Mozilla evangelist Christopher Blizzard announced Firefox's coming orientation interface Monday.
"One new feature that we're including as part of Firefox 3.6 is support for web pages to access machine orientation information if it's available," Blizzard wrote. "Many modern MacBooks and ThinkPads contain devices and drivers that expose this information. We've added support for Linux, Macs and some ThinkPads where drivers and devices are available."
Mozilla is working on the technology for mobile devices, too, where orientation-aware games are a big deal.
The move is one of many by browser makers eager to transform their software from passive receptacles for showing Web sites to an active foundation for interactive applications. Firefox 3.6 is scheduled for beta testing shortly and final release later this year.


Adobe fixes 28 holes in Reader and Acrobat
Adobe on Tuesday released a security bulletin that includes fixes for 28 vulnerabilities in Adobe Reader and Acrobat, including a critical hole that has reportedly been exploited in the wild in limited attacks.
Affected software includes version 9.1.3 of Reader and Acrobat; Acrobat 8.1.6 for Windows, Macintosh, and Unix; and version 7.1.3 of Reader and Acrobat for Windows and Macintosh. The vulnerabilities could cause the applications to crash and could allow an attacker to take control of a user's computer.
Adobe recommends that people update to Adobe Reader 9.2 and Acrobat 9.2, or Acrobat 8.1.7 or Acrobat 7.1.4. For Adobe Reader users who cannot update to Adobe Reader 9.2, Adobe has provided the Adobe Reader 8.1.7 and Adobe Reader 7.1.4 updates.
One of the updates addresses a hole that Trend Micro says has been exploited by a Trojan horse that arrives as a PDF file containing malicious JavaScript. That exploit affects Microsoft Windows 98, ME, NT, 2000, XP, and Server 2003, according to Trend Micro.
"All users of Adobe Reader or Acrobat will need to update their software with today's release because these updates include fixes for the most critical kind of bugs," said Andrew Storms, director of security operations at nCircle.
This is Adobe's second quarterly security update for Adobe Reader and Acrobat.

No comments: