Antimalware useless

Discussion in 'other anti-malware software' started by ako, Feb 16, 2017.

  1. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    And again, you use extreme exceptions to try and prove your point. Exceptions don't make the rule. When has Microsoft delayed a critical update for "an entire month"? Only never. :rolleyes:

    But even if you assume a critical vulnerability in the operating system (or Flash) goes unpatched for a while, that IN NO WAY suggests (1) there is malware already created, released in the wild and already widely distributed ready to exploit that vulnerability. And most importantly (2) that security programs are incapable of blocking that malware before any payload is dumped on a user's system.

    It just does not work that way, except, maybe, for zero-day exploits which are exceptions and very rare - thus again, don't make the rule. And in fact, zero-day exploits are just one of the reasons most security programs, including the basic Windows Defender, look for behavior patterns, and not just an outdated Flash program or other vulnerable file.

    I say again, if your "fear mongering" was anywhere near as bad as you keep suggesting it is, the vast majority of Windows users (most of whom are NOT security experts) would already be infected and compromised. But that is just not the case.

    So go ahead and load your system up, but it is unjust of you to suggest things are as bad as you pose.

    FTR, I am NOT saying we can let our guard down. I am just saying with modern versions of Windows (especially W10) and good user discipline, we don't have to drive around in Abrams Tanks to remain safe. A properly maintained, average car, and good defensive driving will protect us and our computers just fine.
     
  2. plat1098

    plat1098 Guest

    Last edited by a moderator: Feb 17, 2017
  3. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    :( Except those were NOT "critical" updates as you previously suggested. Also, just because there is a vulnerability in the OS that is not patched, that does not mean security apps, including WD will not block any malware that attempts to exploit it.

    Now if you are like some who feel anti-malware software is not needed, then you would have a problem.
     
  4. plat1098

    plat1098 Guest

    I was referring specifically to flash player. You don't consider flash player updates to be critical? I do! I'm a regular user, not a wiz, I'm looking at my Edge flash version and it's one behind the rest. Can your (anyone's) setup completely block or just detect?
    Any regular/high risk user who claims not to need anti-malware is out of his/her mind. This comment by default encompasses use of anti-malware, though some expert users configure their setups to run successfully without real time anti-virus/malware suites. Outstanding!

    I was having a little fun with this but now I'm done. Bye.....
     
  5. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,618
    Location:
    Milan and Seoul
    I agree with Bill Bright that ever since Windows Defender became part of Windows, the number of computers infected dropped dramatically. I don’t have statistical data to support my statement, but I have had for many years to plug in large numbers of third party flash drives in my job, and before the introduction of WD most of these devices were badly infected. Nowadays I’d say 1-2 out of 20 might have some malware detected by my AV.

    MS has done a great job with WD, it took some time but the results IMO are impressive, I am thinking of using WD when my current subscription expires…I also have a license for Malwarebytes which I used in the past, then I stopped using it in real time as there was a slight loss in performance speed, and later stopped using it altogether as there was no detection for several years.

    Nowadays what I do, I install Malwarebytes and HitmanPro in a virtual session roughly twice a year and run a full system scan for my peace of mind, but they have never ever found even a suspicious item…

    What this means is that my security system is good enough as is, and I don’t need any extra layer. However, I wouldn’t conclude that Malwarebytes is useless, it is a possible choice among many other malware applications, and it is particularly effective in cleaning up infected computers.

    I also would like to ask: how do people get infected? Honestly, I have never received bad attachments, been affected by phishing scenarios, drive-by exploits, etc. I usually use the Internet for research and reading newspapers, but I have occasionally visited websites potentially dangerous, even the notorious Deep Web and Dark Web have never triggered anything untoward… I do get an alert from Avira’s web protection and/or uBlock Origin once or twice a month about a potentially infected website, but that’s it… Where are the thousands of new malware items created every day?
     
  6. guest

    guest Guest

    Same here, I agree with Bill as well, since Win8, I almost lost all my "infected-related" customers (which was my main income) so I had to stop my little business as a full-time job...
    Now I have only network connection issues, driver issues, software installation issues, etc... I shifted my work from disinfecting the OS to optimizing the OS.

    The problem in this topic is that we are in a security forum, populated by people who are inherently paranoid to some degree and have a native distrust for Windows Native Security inherited from Win98/XP/Win7 (which is understandable because pre-Win8 OS sucks in security in all levels) but we are now in 2017 and with Win10 as default shipped OS (not Win7, or WinXP).
     
  7. _CyberGhosT_

    _CyberGhosT_ Registered Member

    Joined:
    Mar 2, 2015
    Posts:
    457
    Location:
    MalwareTips "Your Security Advisor"
    Could not have said it better, awesome insight guest brother. ;)
     
  8. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    It's not paranoia if everyone is actually out to kill you! Although with WD's coordination with the AMSI interface (in W10), Windows Defender has improved and is excellent against various Scriptors. However this does not make up for its lack in true zero-day coverage. Anyone with truly mission critical data on a system would be misguided in the extreme to put total trust in Windows native protection.

    This is not being paranoid- it's being realistic.
     
  9. plat1098

    plat1098 Guest

    You know something, there could be a thread around here about the weather and there would be this multiple "Oh Microsoft/Windows 10, I just wuv you :-*" sailing in, what is up with that? I, like other original commenters, was referring to Malwarebytes the whole time, though unlike Microsoft, Malwarebytes has all its eggs in one basket, get it?--and continuously harping on its current poor state of affairs isn't to my liking. If the current MBAM in its entirety works well for you, great! It sure isn't a universal thing and the software isn't fully trustworthy, not as it is right now. What's wrong with adding a standalone or two to Windows Defender? Nothing!

    Lighten up, nobody's "paranoid" or "fear mongering" around here.
     
  10. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    For Geeks Like Us that understand current threats, concern should be considered less as Paranoia and more as Knowledge.
     
  11. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,618
    Location:
    Milan and Seoul
    I'm glad you can confirm that recent Windows OSs with WD are a lot safer than in the past, given your exposure to infected machines... By the way I like your positive attitudes towards change, most people would have reacted negatively under the circumstances of your activity...
     
  12. guest

    guest Guest

    Thank you, to survive, one must adapt to the environment. I'm not like others who lie to their customers about Win10 because it hampers their business...

    The main annoyances I see now on home users are PUPs and browser toolbars... some browsers may have 10 toolbars at a time... mostly because people happy click and don't untick the checkbox.
     
  13. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,885
    Location:
    Slovenia, EU
    I agree. Sometimes members who are interested in security and test different security software are being mistaken for being paranoid.
     
  14. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    Exactly! As seen via the link in my sig, I've had a shop for years. I too have seen a huge decline in malware related problems starting with W7, but particularly since W8 and W10 were released with integrated WD, and automated Windows Update became reliable.

    Being a little paranoid when it comes to security is a good thing. It helps keep our discipline sharp so we don't let our guard down. But assuming all updates are "critical", or that Microsoft is going to purposely allow "critical" unprotected vulnerabilities to go unpatched for 30 days is being overly paranoid! I consider "critical" updates to be critical - not all updates. And note Microsoft has many times in the past, and surely will again in the future, released "out-of-cycle" "critical" updates as necessary - which you can verify by checking your own update history. And contrary to what you want others to believe, not all Flash Player updates are critical.

    When threats are constantly being over-emphasized, that's fear-mongering, or at least the spreading of FUD - or a demonstration of a lack of understanding. I note there isn't even any evidence showing Tuesday's updates included any Flash Player updates.

    When facts and reality are overlooked or ignored, that's a paranoia trait. Fact: Malware infections are dropping. True, ransomware is going strong but even ransomware growth will plateau in 2017. But again, how do you defend against ransomware? Not by adding layers and layers of programs. You do it the same old way. You (1), keep your OS and security programs updated. (2) Don't be click-happy! 91% of ransomware is downloaded by the user clicking on an unsolicited link! :eek: And (3), keep current backups.

    Did you "stop" getting infected after you installed HitmanPro Alert and your other extra layers of security?

    I agree, and especially with your categorization of these as "annoyances" as, with a few exceptions, of course, annoying is what most of those are. "PUP" itself simply means "potentially unwanted". That in no way implies any sort of security risk. In fact, MBAM/MB3 often identifies a couple programs on my systems as PUPs that are wanted programs.

    You also illustrate another great point. I always warn my clients, friends, and family to always - as in EVERY SINGLE TIME - select the "custom install" option when installing any program (or even program updates). If you simply click away and go with the easy default install option, you typically will NOT be offered any opportunity to "opt-out" of installing those extra toolbars, extra programs, changing of search engines or home pages. I appreciate developers need to feed and shelter their families so I really don't mind these offerings - especially with free programs like CCleaner, Foxit Reader, etc., as long as they provide an opt-out path.

    ****

    For those interested in security, I highly recommend subscribing to the Department of Homeland Security's US-CERT Cyber Security Bulletin Vulnerability Summaries. This will give you the true perspective of the newly discovered vulnerabilities, including that for Flash Player which you have to go back to Jan 9 to find any High Vulnerabilities.
     
  15. plat1098

    plat1098 Guest

    This is a rambling diatribe, not a meaningful discussion about anti-malware. You seem to have parted company with what I personally have been saying a while ago. You've gotten a bit abusive here. As I said: lighten up.
     
  16. illumination

    illumination Guest

    A lot of these responses are correct. Modern OS's have become more secure with default securities. The main vulnerability/weak point nowadays is "the user" and either lack of safe cyber habits or a general lack of caring "which I see often". Something that is rarely brought up in discussions as such, is geolocation. Where an outbreak of a certain malware may be more prevalent in one geolocation, it will not be for another. Not to mention a good portion of malware ends up targeted at Corporations/Businesses and Government. There is, and it is quite evident, a lot of fear mongering going on in security forums and websites. You will see users describing their "Fortress systems" running so much security I'm quite surprised their systems are even still useful. A balance of security and usability is key nowadays, as it should have always been. Backups becoming the most essential part of that security set up.

    As for Anti-malware, are they still useful, sure they are. There may come a time when you are careless, tired, or just plain in a hurry and lose sight of your careful habits momentarily and may need to clean up your system. Or they can as with most of them, add a complementary layer of security "especially on shared systems" if you have concerns and want to bolster it some.
     
    Last edited by a moderator: Feb 18, 2017
  17. ako

    ako Registered Member

    Joined:
    Nov 16, 2006
    Posts:
    667
    Actually some weeks ago, I received an email, which had passed our company's filters. It claimed to have been sent from a person who wanted to work for us. I scanned the CV (Word file) at Virustotal and it included a script virus. Detection rate was something like 6/55. I also opened it in Sandboxie and my AV was silent (Does Sandboxie allow execution of scripts?).

    But generally speaking, nowadays help from the user is usually needed to get one's PC infected. I miss the good old days. Cleaning PCs from malware was fun. ;)
     
  18. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    That's your opinion. I say misrepresenting the threats and claiming people need security apps they don't need is not meaningful. Using rare and extreme exceptions (such as "broken suites", and critical Flash updates going unpatched for entire months, implying all Flash updates are critical) in an attempt to make your point is not meaningful, or helpful.

    OF COURSE I have parted company with you. As have several others above! Why? Because you have been saying people need apps they don't need. Because you have been exaggerating the threats. You are misinforming others reading.

    I am truly sorry and apologize if you feel I have been abusive to you. Not my intent. My intent is to ensure readers have the true facts, not exaggerated or misrepresentations of the facts.

    The facts are, if you keep Windows and your primary standard anti-malware application current, and most importantly, you avoid risky behavior, you will remain safe (unless a professional badguy is specifically targeting you because he/she knows you have something valuable they want). But as I noted earlier, regardless of our primary defenses, we should have a secondary scanner available just to make sure our primary, or us as users, did not let something slip by. And I like and recommend MBAM/MB3.x for that.
    Agreed. And let's not forget that any decent anti-malware solution worth its salt uses several different techniques to (1) detect and block malware from coming into our system or already installed on our systems and (2) detect and block suspicious or malicious activity or behavior BEFORE any payload delivery or damage can be done - even IF a newly discovered vulnerability exists in the OS or one of our installed programs.
    It kept the paychecks coming for my shop but I never thought it fun. In part because malware infestations are like 99% of all accidents - they are preventable. But also, because malware removal often involves lots of log analyzing and I did too much of that in the military! ;)

    Lastly, I didn't think it fun because most users are woefully lax at keeping current backups of the data they cannot afford to lose, or would be heartbroken if lost. And sadly, not only does the malware itself often destroy data, there is often collateral damage done during the malware removal process. And I found it heartbreaking to tell clients their computers were now clean, but the pictures of their kids or other loved ones were irretrievably lost forever. :'( :(
     
  19. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    Great questions. By far, most infections happen when the user clicks on some unsolicited link, download, attachment, or popup. The problem is, some of these bad guys are very clever and these links and malicious webpages and emails look entirely authentic, thus tricking the user into thinking they are legitimate. But simply clicking on those links does not mean the computer will become infected. It just means the malware made it through the door. And while that's certainly bad enough, it does not mean it can do any damage. That happens only if the malware is then able to exploit some vulnerability that already exists. And those attempts can typically be thwarted by keeping Windows and other programs, especially our security programs updated. So how do people get infected? Most often by letting the badguy in and by not keeping our computers updated.

    Let's not forget that most security programs, even Microsoft's Windows Defender, get updated at least once a day, often several times a day. So while this month's Patch Tuesday updates may be delayed for a month, that IN NO WAY means Windows Defender updates will be delayed.

    As for where are the 1000s of new malware being created every day? All over. Some is state sponsored from Russia or China. Others from the whiz kid next door.
     
    Last edited: Feb 18, 2017
  20. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,350
    As I recall, I was infected only once. It was several years ago when I was browsing through a social network and clicked on a link that seemed not to be malicious. At that very moment a popup of Avast! was fired warning me that it blocked the execution. I did not need to download anything, just clicked the link that automatically downloaded and executed the malicious code. Is this kind of attack much harder to do today with browsers like Chrome and Edge or are they still going on? I got curious.
     
  21. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
  22. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    I note most browsers are able to thwart many attacks just by watching for malicious behavior patterns too. But sadly, some folks disable them though I don't understand why. They do not impact speed or performance in any noticeable way - except when they stop a potential threat dead in its tracks.

    I was infected only once too. But it was MANY years ago and was done via the "sneakernet" and it was my work computer, not my home computer, fortunately. A co-worker brought in a floppy disk from home that had a boot sector virus on it. We accessed the floppy throughout the day with no problems, but forgot about it and shut down the computer that night. The next morning, the floppy was still in the drive and when the computer was booted up, it tried to boot to the floppy, which then activated the virus. That immediately prompted two policy changes (work and personal). (1) No more floppies from home were allowed. And (2), all computers (including my personal home computers) were re-configured to not allow systems to boot from floppies. Today, that means none of our computers can boot from any external drive, without temporarily reconfiguring the BIOS again.
     
  23. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    I remember back in the 90's a co-worker placed a floppy in my computer. I think it was an autoexe.bat file that read format c: or something close to that.
    Was also hit at work last year by the Poweliks. I think the boss clicked on that email attachment and it hit everybody still on XP and my only Win7 PC.
     
  24. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,042
    Location:
    Nebraska, USA
    It was likely autoexec.bat - commonly used on floppy and hard disks in DOS based systems to configure systems during boot.
     
  25. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,618
    Location:
    Milan and Seoul
    It is a good question, I'm not sure really, but it also depends upon the configuration of 'Restrictions', although even if it executes in the sandbox it should not affect the system.
     