KAV/KIS 2013 Beta - Final

Beta testing of the 2013 version has started. Build number is 13.0.0.2292.

Important! Before installing the build, be aware that:
-this is a beta version, instability is expected
-Application verifier and traces are enabled by default. This slows down the product drastically. You can read what Application verifier and traces are in the FAQ: http://forum.kaspersky.com/index.php?showtopic=161942

Before providing feedback about discovered bugs, make sure to read the FAQ.
The UI isn't finished, UI bugreports aren't accepted at the time being.
You may receive a warning from windows about unverified drivers during install, allow them as it's normal with this beta.
Download link: http://special.kaspersky-labs.com/3A8VCJNYOJN7JYU8HFUW/

Compatible with Windows 8 Consumer Preview.

 

Re: KAV/KIS 2013 Beta

A glance of what's new/changed (note, this is from my view, there's no official changelist posted).

-Safe run desktop/safe run for applications is removed. Safe banking is improved and is now tightly integrated with HIPS and Vulnerability scanner.
-Proactive defense is removed, its functionality is taken over by System Watcher and HIPS.
-System Watcher now has the ability to proactively detect exploits.
-there will be no new UI this year, it will be a 2012 based UI with some tweaks and facelift.
-There's a new "Secure keyboard input" option. It provides automatic protection against keyloggers when you're using the actual keyboard. Virtual keyboard still remains as an option.
-...and more.

 

Re: KAV/KIS 2013 Beta

I saw on their site that the UI is not finished and they are not taking any feedback on it yet. Don't know how much/if they plan to change it. Right now it looks just like 2012.

 

Re: KAV/KIS 2013 Beta

That's how the UI will look like, save for the obvious bugs of course (which is why they're not accepting bugreports- they're superfluous).
Source: http://forum.kaspersky.com/index.php?showtopic=111196&view=findpost&p=1812348
http://forum.kaspersky.com/index.php?showtopic=111196&view=findpost&p=1812352

Also, I forgot to mention, they plan on dropping support for TB plugins, much like other vendors.

 

Re: KAV/KIS 2013 Beta

This is gona be awesome! I can't wait to see the final version!

 

Re: KAV/KIS 2013 Beta

Same here - the best bit for me is the UI will remain same

 

Re: KAV/KIS 2013 Beta

I have no idea what you mean...

 

Re: KAV/KIS 2013 Beta

TB=Thunderbird, plugins=Anti-spam.

(regarding post #2, what's new/changed)

 

Re: KAV/KIS 2013 Beta

Ok, got it. Unfortunately Mozilla has caused themselves more problem than it was worth with the new versioning scheme, at least in my opinion.

 

Re: KAV/KIS 2013 Beta

So Kaspersky decided to dump the sandbox idea and go with HIPS like Eset. Very good idea.

 

Re: KAV/KIS 2013 Beta

and an important disclaimer : "Important: Kaspersky Lab is not responsible for the correct operation of beta-versions. Beta-testers are reminded that this is unreleased software and that crashes and system instability is to be expected. Beta-testers acknowledge this risk by installing and using beta-version software"

I know this the case with every product, but imp info none the less.

 

Re: KAV/KIS 2013 Beta

Not completely - the online Banking mode includes still some parts of it.
And not like ESET: KIS HIPS is older, was and is much more user friendly and stronger than the ESET thing. ;-)

 

Re: KAV/KIS 2013 Beta

Is the on-demand sandbox (when right-clicking an executable) still there?

I'm wondering what this means for KAV, which never had the actual HIPS but only Proactive Defense. Will it lose most of its PDM features like it did with 2009, or will there be some replacement for PDM in KAV?

KIS has had a HIPS since version 2009, and even before it there were some HIPS-like features in some components.

 

Re: KAV/KIS 2013 Beta

No.

It depends if SW (which is/should be available in KAV 2013) inherited all of PDM detection methods, or if a great portion of it went to HIPS.

Speaking generally about KAV/KIS, in 2011/12 there were some overlaps in SW/PDM detections. So, there are two possible cases:
-PDM detection methods rewritten and ported in their entirety to SW/HIPS. No loss of detection methods.
-SW/HIPS overlapped with the more important parts (the ones which detect malware the most, without causing too much alerts for legit apps) of PDM detection methods. Loss of some misc PDM detection methods after its removal.

The reason they removed PDM is because it was the slowest component in the suite, according to them.
I'll try to test it in more detail when a more stable build is released, this one is pretty broken.

 

Re: KAV/KIS 2013 Beta

I think i will follow the progress of kis2013. im surprised they havent provided any information as to the new and removed features yet since they normally like the tease the beta testers before any beta becomes available.
I agree that the current first beta build is practically unusable but thats what you expect from beta builds. Kaspersky seems to be taking more and more options away from the user which im not sure I like. first they took away the ability to do a custom install with certain components only and in the current beta build they dont even let you choose an installation path.

I feel this release should be about refinement rather than adding new features. kaspersky provides very good detection and removal of malware but it is heavy on resources. I think the cpu usage should be improved for both real time protection,updates and scan. I also think the disc space should be improved. I checked one of my customers systems running kis2012 and it was using around 800mb disc space which includes both program data and program files folder. other suites use far less disc space and provide just as good protection.

 

Re: KAV/KIS 2013 Beta

I work for a software company and we have done the same thing. It just makes support far easier.

I do hope that since they aren't going to update the interface this year that they do concentrate on making it a very solid and stable product. The UI is ok, not my favorite but at least it isn't the one from 2011. I hope they figure out hot to stop Firefox from flashing when you launch it. It has to be caused by their browser plugins.

 

Re: KAV/KIS 2013 Beta

Thought I'd post an update.
Build 13.0.0.2575 has been released http://forum.kaspersky.com/index.php?showtopic=232614
(it's a beta and still crashes)

General impressions so far are relatively positive.

I like where they're going with improved Safe Banking module- now it's much more comprehensive in blocking of tampering with Browser's process (duplicate handle, code intrusion, stopping process etc.), even windows native processes are blocked from tampering with the Browser, although that might change because it's causing some problems (Browser UI is a bit broken as a consequence).

As for the removal of PDM- I haven't tested it completely... so far keylogging detection is ported to System watcher completely. Some of the PDM.Trojan.Win32.Generic haven't been. Although while it might be disappointing to see that some detection methods are lost with removal of PDM, System watcher detection module can be updated at a later date.


The most disappointing thing, as with previous years, is the fact that some of the long running issues are still not fixed.
For example, Application control still doesn't treat regsvr32.exe as a host process and restrict its actions based on the module (.dll .tmp etc.) it's executing.

Here you can see a complete bypass of v2012, Sinowal infection via Blackhole exploit kit (recorded with http://www.screen-record.com/screen2exe.htm ): https://rapidshare.com/files/3343991270/KIS_2012_HIPS_bypass.zip

It's actual for 2013 but now I'm unable to find Blackhole exploit which uses regsvr32 like in the video. Application control, PDM and SW are pretty much useless because the parent process (iexplore.exe) is trusted and so is regsvr32.exe (due to the fact that Application control doesn't restrict regsvr32 based on the (untrusted) module it's executing)

The issue is present from ~4 years ago (with the first HIPS release in version 2009), something that should've been implemented properly from the beginning now requires my persuasions to the developers to treat the issue with higher priority due to the fact that Application control should be a proactive rather than a "reactive" component that is waiting for ITW threats exploiting the issue on a larger scale.

 

Re: KAV/KIS 2013 Beta

When is going to be released officially is 3 months enough? i dont know how fast Kaspersky labs go from beta to official but i hope its not like Norton, 6 months +

 

Re: KAV/KIS 2013 Beta

Purely speculation based on my remembrance of the last 2 years...
They usually seem to have a "final" build by June. It usually turns into a public release by August or September but the build in June is usually downloadable if you go and look for it.

 

Re: KAV/KIS 2013 Beta

Here are a few screenshots of the UI facelift and new/improved features.

 

Re: KAV/KIS 2013 Beta

Actually, no, that's only in the States

In the UK and other locations, Kaspersky normally release the final build in June. For some bizarre reason, the same build is then released in the States in September.

 

Re: KAV/KIS 2013 Beta

the loss of custom install kills it for me...and i hope they made it lighter this time around 2009 was great then came bloat and more each year imo

 

Re: KAV/KIS 2013 Beta

Very disappointed about KL's decision to remove the sandbox/SafeRun in v2013, find it extremely useful in v2012.
I guess nobody else found it that useful as nobody has mentioned it - so the decision for Kaspersky to let it go may have been the right one from a cost/benefit perspective unfortunately for me!

 

Re: KAV/KIS 2013 Beta

From my understanding it didn't do a lot for 64 bit systems. They were probably tired of complaints from the 64 bit users.

 

Re: KAV/KIS 2013 Beta

Is there already an official changelog for v2013 compared to v2012?