GesWall 2.6.Beta2 released

Have any of you tried Geswall 2.6 beta on Windows Vista? Is it stable?

dja2k

 

Is there a new Beta available that fixed the Keylogger Test problem?

Thanks.

 

As far as I know still no new beta.

 

So no one has tried to run Geswall 2.6 Beta2 on Vista? I tried to installed it but keeps telling me, "the installer was interrupted before completion, please restart installer". Maybe I should report that to Geswall.

dja2k

 

That,s the right thing to do.

 

They responded back and its a know issue with a temporary workaround but will get resolved by final version.

dja2k

 

That,s good. Were u able to install?

 

Haven't tried the procedure yet, but I'll let you know. Probably do it today.

UPDATE:

The following procedure worked.

1) copy geswall.2.6.freeware.beta2.updated.msi into c:\windows\system32
2) in Windows Explorer open c:\windows\system32
3) select cmd.exe
4) click right mouse button and select "Run as Administrator"
5) an UAC window will appear, click on OK to proceed
6) as result non-UAC instance of cmd.exe is started
7) type: msiexec.exe /i geswall.2.6.freeware.beta2.updated.msi

I didn't know it had to do with the UAC, but now I know. I wonder if you have UAC off, if this procedure is necessary.

dja2k

 

Latest beta download link,

http://www.gentlesecurity.com/files/geswall.2.6.beta3.msi

I am not aware what,s new in this beta.

 

The Anti-Keylogger Tests are now working correctly (Beta 3). Is Brian aware that Geswall failed the latest Windows cursor vulnerability?

 

@thankful

which geswall failed the latest windows cursor vulnerability? the latest beta (2.6 R3) or geswall 2.5.1?

ps. you tested this yourself? is there a site with the vulnerability that you can pm me so i can test it?

 

@zopzop

http://www.milw0rm.com/exploits/3634
http://www.milw0rm.com/exploits/3636

 

IE did indeed crash. but i checked the geswall log and everything was either "isolated" or "redirected". if the registry is intact and all the files created/downloaded are isolated, aside from the annoyance of shutting down IE, what damage can this exploit cause? geswall doesn't stop IE from crashing, but the rest of the system would still be safe no?

 

http://zert.isotf.org/tests/testani.htm

 

Not sure. If u have tested, it will be a good idea to post on their forum or mail them.

 

I have not tested the Windows vulnerability. Only responding to this thread :
https://www.wilderssecurity.com/showthread.php?t=170165&page=2,
post 32.

Sorry for any confusion.

 

How to use this test? Do I need to download zip files? then...?

 

Hi zopzop, the thread is here.

https://www.wilderssecurity.com/showthread.php?t=170165

 

U might be correct. Actually I can be sure only after testing it against a real exploit.

 

Found this so far, rest to follow.

 

i brought this up with the folks over at geswall aigle and they confirmed the system isn't compromised.

 

Thanks, I was expecting so. I did post a thread at their forums too.

 

So here is the complete list about what,s new in latest beta.

They are still unsure about sporadic Explorer isolation. It could be fixed
but due to tough repro they cannot confirm this yet.

 

aigle, what's the explorer isolation issue? this is the first i've heard of it.

 

Hi zopzop, see this post and related posts.

https://www.wilderssecurity.com/showpost.php?p=955425&postcount=27

There are two bugs, occassional episodic isolation of explorer in current non-beta, it is very rare and they are not able to reproduce.

Isolation of explorer in current beta is known and reproducable and still to be fixed.

I can confirm that this second bug is still there in latest beta.