McAfee 10.x...ActiveX?

[QBgreen]

Is the latest version of McAfee's VirusScan still using ActiveX?

[The Maxx]

Yes it is.

Quote:

Originally Posted by QBgreen

Is the latest version of McAfee's VirusScan still using ActiveX?

where i can found free mcafee 10??

[ajcstr]

Can someone explain to me why this is an issue? I have seen this as a reason why people will not use McAfee, but I don't understand the risk.

[Don Pelotas]

Quote:

Originally Posted by hjuiy

where i can found free mcafee 10??

Nowhere.

[Eliot]

If you have Comcast for your ISP, it will find you.

Is McAfee AV the same in all its different marketing avenues... so is the Comcast version the same as the US DoD version, or the same as what I'd download from mcafee.com?

[Graystoke]

The Comcast version is the same as the one from McAfee.com.

[The Hammer]

Quote:

Originally Posted by ajcstr

Can someone explain to me why this is an issue? I have seen this as a reason why people will not use McAfee, but I don't understand the risk.

It would not be an issue for me, as Xp prompts me for permission to install any active x and I can turn off active x in explorer.

[zcv]

Quote:

Originally Posted by The Hammer

It would not be an issue for me, as Xp prompts me for permission to install any active x and I can turn off active x in explorer.

I suspect it would - McAfee won't update w/o ActiveX running.

Someone wanted to know what the risks are:
http://forums.net-integration.net/in...showtopic=3051

Even MS thinks (finally) that it's a risk:

Quote:

By Gregg Keizer, TechWeb News

The Internet Explorer development team has revealed details of upcoming key features that will land in the next beta of IE 7.

Among the features demonstrated Tuesday at a Microsoft Professional Developer Conference presentation, then outlined on the IE team's blog, were Quick Tabs and Page Zoom.

Other new features, said Wilson, will include something he dubbed "ActiveX Opt-in," that will set most ActiveX controls (even those already installed) as disabled by default. Users can selectively enable controls as necessary.

http://www.techweb.com/showArticle.j...=test1_rssfeed

This BTW is one of the few times that MS will actually practice "Default Deny" security philosophy - long overdue.

Regards - Charles

[The Hammer]

Quote:

Originally Posted by zcv

I suspect it would - McAfee won't update w/o ActiveX running.

Regards - Charles

I know, so I would just leave it at prompt. The point I was making was simply that the security issue could be dealt with in a simple manner and because of that is overblown. I wonder if Starrob left any of that popcorn behind? Microsoft is simply giving users the increased control some have been clamoring for in IE 7. I will leave it at that as I know were going off topic.

[zcv]

Hello Hammer,

I know, so I would just leave it at prompt. The point I was making was simply that the security issue could be dealt with in a simple manner and because of that is overblown.
Two points here - prompting, ok you would, but average users would not, I've seen it countless times, compounded by how often the updater component wants to check for updates - could be as short as every 5 minutes - I know NIS under certain conditions will check from every 5 minutes to 4 hours.

What's overblown? Have you looked at any figures on the number of systems that are infected with unwanted adware/spyware? It also depends on the sites - if everyone stuck to security forums there would be no problems, obviously that's not the real world.

Besides which AFAIK, there isn't any security reason on the part of McAfee to do this - their Control Center is an Ad center, that's the reason for the ActiveX: marketing.

Microsoft is simply giving users the increased control some have been clamoring for in IE 7. I will leave it at that.
LOL, MS can't catch a break.

Regards - Charles

[JRCATES]

Quote:

Originally Posted by zcv

Besides which AFAIK, there isn't any security reason on the part of McAfee to do this - their Control Center is an Ad center, that's the reason for the ActiveX: marketing.

Regards - Charles

I have to disagree with this statement. McAfee was using Active X when it was a standalone AV and long before the Security Center ever came into play, and the idea of the Security Center being an "Ad center" is definitely misleading (for those not knowing what it is, and trying to decipher your comment).

[bigc73542]

Microsoft is going to give control of activeX to the user in IE 7 but activeX is still required to use windows updates

[The Hammer]

Quote:

Originally Posted by JRCATES

I have to disagree with this statement. McAfee was using Active X when it was a standalone AV and long before the Security Center ever came into play, and the idea of the Security Center being an "Ad center" is definitely misleading (for those not knowing what it is, and trying to decipher your comment).

I agree with you ,but it is a statement commonly made by reviewers of McAfee products in computer mags and on their web sites.

[zcv]

Hello JRCATES,

I'm not disparaging the quality of the AV/firewall - so lets get that out of the way.

There always was a version of CC, it just may not have been called that. The first time I saw McAfee run was in late 2003 - AV only. There were constant reminders/notifications to install the firewall, even though the user of course had a 3rd party firewall. After a while, I would call that badgering. Since then these kinds of "notifications" have grown to encompass whatever products McAfee sells. Reminds me of AOL fair enough, everyone has a right to push their products, but anyone contemplating it's use ought to be informed that that's what you get.

Regards - Charles

[JRCATES]

Quote:

Originally Posted by zcv

There always was a version of CC, it just may not have been called that. The first time I saw McAfee run was in late 2003 - AV only. There were constant reminders/notifications to install the firewall, even though the user of course had a 3rd party firewall. After a while, I would call that badgering. Since then these kinds of "notifications" have grown to encompass whatever products McAfee sells. fair enough, everyone has a right to push their products, but anyone contemplating it's use ought to be informed that that's what you get.

Regards - Charles

Hi Charles, fair enough....although I first used McAfee in 1999, and there was no "Security (or Control) Center" then.....at least, not with the standalone anti-virus subscription that I had. I never had a problem with McAfee, but like so many others, after my subscription expired I decided to "shop around", and try out some other products (because you never know what you like best and what is truly effective until you experiment a little). After a few years of using competing brands - and running into and having numerous problems - I went back to McAfee since I had not had those problems when using it. That is when I noticed that they had began including the Security Center as part of the product. Other than being told what a user's "security rating" is according to McAfee's products and protection guideline, I really don't find it bothersome.....but I'm using the Security Suite, so that probably explains that. For others using another firewall or that do not have SpamKiller or Privacy Service installed, being told their "security rating" is not perfect would probably disturb me a little as well, so I understand what those complaints about it are and can see the legitimacy of them. But to me, the system tray icon is one of the LEAST annoying icons that I have ever seen, and I'm surprised that so many seem to have this major problem or issue with it (unless it is black rather than red, and then I can understand somewhat - LOL)........

thanx man

[ellison64]

I wanted to use a 30 day trial for mcafee personal firewall 7 and was disappointed with the security centre aspect of it, and i must agree it acts more like an ad or promotion centre for mcafee products (imo).The first thing that popped up was how i could save 20 pounds on thier suite...mmmm.As security centre and the firewall was listed in add/remove programs i thought id uninstall the security centre ,because i didnt want any antispam functions ,or antivirus functions ,or ads from mcafee telling me how to save money if i did want them.On trying to uninstall it said i had to uninstall all mcafee processes first which includes the firewall so you cant run it without the security centre.I uninstalled it all after about 1 hour because of the security centre baggage.Im sure it may have another valid purpose ,but theres no denying that its also to promote mcafee products.
ellison

[zcv]

McAfee is the only security software AFAIK that demands the use of IE's biggest secuity hole: activeX.

It uses it to run that dog & pony show called the Security Center.

Regards - Charles

[gates]

ActiveX or not, I will use McAfee anyway. It is nice product.

[zcv]

It is a excellent AV/FW product, but there are others that are equal or better and thankfully they don't, as of yet anyway, feel they have to put on a show.

Regards - Charles

[Howard Kaikow]

Quote:

Originally Posted by QBgreen

Is the latest version of McAfee's VirusScan still using ActiveX?

Even if it does, what's the issue?

Does McAfee allow 3rd part software to access its ActiveX objects?

[zcv]

Hello Howard,

ActiveX has been a notorious source of insecurity in IE for years, one of the biggest security rationales for alternative browsers, especially Firefox.

If you go into IE's Security tab > custom level, and go through the activex settings, do you see anything there enabling you to select for McAfee? I don't, they are blanket settings, aren't they?

The point is, whether McAfee allows or doesn't allow access to its own activex setting, activex has to be enabled across the board in IE.

Regards - Charles

[Howard Kaikow]

Quote:

Originally Posted by zcv

Hello Howard,

ActiveX has been a notorious source of insecurity in IE for years, one of the biggest security rationales for alternative browsers, especially Firefox.

If you go into IE's Security tab > custom level, and go through the activex settings, do you see anything there enabling you to select for McAfee? I don't, they are blanket settings, aren't they?

The point is, whether McAfee allows or doesn't allow access to its own activex setting, activex has to be enabled across the board in IE.

Regards - Charles

Many programs use ActiveX with no harm at all.

The problem occurs ONLY when a program, such as a browser, allows a 3rd party to slip an ActiveX critter onto your computer without your permission.

ActiveX from within the installed program is not the problem.
If McAfee is just using ActiveX internally, that's not a problem. If they are allowing oter ActiveX critters to execute, then there can be problems.