NOD32 Vulnerabilities

Discussion in 'NOD32 version 2 Forum' started by gjmveloso, May 22, 2007.

Thread Status:
Not open for further replies.
  1. gjmveloso

    gjmveloso Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    26
    Source: http://www.frsirt.com/english/advisories/2007/1911

    NOW THE BIG QUESTION: WHERE LOCALIZATED .39 VERSIONS?

    Non-English and Non-Slovak NOD32 users can be exposed? Why? :'(
     
  2. De Hollander

    De Hollander Registered Member

    Joined:
    Sep 10, 2005
    Posts:
    718
    Location:
    Windmills and cows
    Contact your localize NOD32 distributor, they can tell you the time table. Translation from English to a localize version is not done by ESET.
     
  3. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    Why not just use the english version then? I fail to see the problem.
     
  4. Steel

    Steel Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    219
    You're kidding, aren't you ? :mad:
     
  5. Steel

    Steel Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    219
    Why aren't there still no located version 2.70.39 ? With difficulty conceivable, that such this two kinds of exploids only exits in English or slovakisch speaking areas.

    Also on the part of the Distributors there's absolutely no information to the customers about an 2.70.37 or 2.70.39.
     
  6. jftuga

    jftuga Registered Member

    Joined:
    Mar 9, 2007
    Posts:
    64
    Location:
    Athens, GA
    Does anyone how how I can tell what version a remote machine is running? I will not be able to update all of the computers that I manage from 2.70.32 to .39 at once, so it would be nice to know which version a PC is running.

    Thanks,
    -John
     
  7. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    Obviously you understand English just fine, so why not use the English version until a localized version is released or just use it for good? You don't see me complaining about a lack of Danish versions ...

    And no, I wasn't kidding.
     
  8. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    He does have a point. He could have expressed it a tad bit more politely, but it is an option, for those that are worried about it(the exploit) and can understand English , it is a temporary solution.
     
  9. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    Temporary is better than not having a fix at all! ;)

    Cheers,

    TH
     
  10. Steel

    Steel Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    219
    You are right naturally. The tone makes the music. But you understood me very well, despite my bad English. There are two fixed important points only in the English and slovak versions,that cannot not be. After so many days it is known.

    This is absolutely inaccetable against full paying customers.
     
  11. Steel

    Steel Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    219
    And there are a lot of User which do not understand english enough, like me.
     
  12. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    I agree, of course. Especially now that the exploit is publicly known, Eset should expedite a fix for all versions of it's product. At the least, they should have delayed public notification of the exploit until all language versions were patched. Unfortunately they did not do it that way and left their users with the options of using an exploitable version or learning english rather quickly. This is but one of the reasons I stopped using their products, the lack of concern for their customers, sometimes they just don't get it.
     
  13. Steel

    Steel Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    219
    Thats the point. Surely, i could uninstall my german version and install the actual english version. But, tell me why ? Only for that reason, that i was safed against this two exploids ?

    I'm paying the same money as the other users. So i've the right getting the newest and actually version in my language. Because, if i install, for example, the english version, and there are some problems about any intern programm messages because of malware etc. i do not understand what i have to do in this situation, because i do not understand what the programm message mean.

    If they fix only some " minor" things, it was not so urgent release all versions at the same time, but actually in this case, the left their customers staying naked into rain.

    So i'm near by looking after an alternative, too. This, after using NOD for a very long time.

    Look at the Post from Marcos of May the 7'th as he said,
    " The German distributor only needs to announce it first. "

    Today's the 24 of May and nothing happens.
     
    Last edited: May 24, 2007
  14. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    No, no, no. They got the latest installers 2.70.39 for testing the day before yesterday and upgrade to 2.70.39 hasn't been tested yet either. IMHO, I don't think 2 days of testing is too long for a distributor.
     
  15. Steel

    Steel Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    219
    Actually still more badly. Particularly since the finished English and slovakische version already came out on 18 May.

    ESET US and ESET SK announced and push out both versions. First 2.70.37 and on May 18'th 2.70.39. All OTHER version were quietly on 2.70.32.

    The original, fixed software comes from ESET, right ? ESET US and SK offer new versions already, all different are still tested ? I do not understand, because, here doesn't have to be translated nevertheless still additionally?

    So, what is the difference between an finished English/slovakian Version and for example the German version?

    I mean, what has to be tested by the germans on a finished version, which is delivered already to English and slovakischen customers ?
     
  16. jdo2000

    jdo2000 Registered Member

    Joined:
    May 6, 2007
    Posts:
    6
    Hi,

    we are using NOD32 2.5 in the enterprise version on about 75 PCs. The installed version is in german. As mentioned in another Thread there is still no autoupdate to 2.7. If i understand it right the vulnerabilities are in ALL previous versions.
    Temporaly switching to the english version is not an option on 75Pcs.

    So as far as i can say, it is not very good to sleep in mind that there are 75pcs with a security hole and a working exploit in the wild.
    I expect from ESET (and it's distributors) to push out the new files asap.
    A company which works in the security business, has to react fast in such cases, for my opinion.

    Greetings JD
     
  17. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    You can contact your local distributor, there will be a special mirror with update files for all localized versions v. 2.70.39 available shortly.
     
  18. Steel

    Steel Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    219
  19. De Hollander

    De Hollander Registered Member

    Joined:
    Sep 10, 2005
    Posts:
    718
    Location:
    Windmills and cows
    Looks like those local distributors are faster or have more resources then the others..

    Btw: The Registered User Downloads Page has not been updated. The links shows .32 for france but the download is .39
     
  20. aieie

    aieie Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    175
    Hi everybody :)

    I use the English version.

    As you see from this one, pasted from the information the program offer:



    ********
    NOD32 antivirus system information
    Virus signature database version: 2288 (20070524)
    Dated: giovedì 24 maggio 2007
    Virus signature database build: 9908

    Information on other scanner support parts
    Advanced heuristics module version: 1.059 (20070517)
    Advanced heuristics module build: 1153
    Internet filter version: 1.001 (20031104)
    Internet filter build: 1012
    Archive support module version: 1.052 (20070115)
    Archive support module build version: 1179

    Information about installed components
    NOD32 For Windows NT/2000/XP/2003/Vista/x64 - Base
    Version: 2.70.32
    NOD32 For Windows NT/2000/XP/2003/Vista/x64 - Internet support
    Version: 2.70.32
    NOD32 for Windows NT/2000/XP/2003/Vista/x64 - Standard component
    Version: 2.70.32

    Operating system information
    Platform: Microsoft Windows XP
    Version: 5.1.2600 Service Pack 2
    Version of common control components: 5.82.2900
    RAM: 1023 MB
    Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz (3192 MHz)
    ******************

    the signature update but the program is still the old .32 version.

    Why it doesn't update?
     
  21. Steel

    Steel Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    219
    Maybe, but every year or everytime a new installer-Version comes out the same procedere ? o_O Btw. to change this, it is the problem of the distributor, no of their customers. And since i use NOD, it was allways the same.
     
  22. Megachip

    Megachip Registered Member

    Joined:
    Dec 4, 2006
    Posts:
    243
    @jdo2000

    I've got aprox. 400 german clients ;) and no answer from datsec...

    But i think they try there best... after all, they answer on mails, not like support from eset.com (no answer for 5 month).

    waiting on a quick release of the german PCU

    Regards
     
  23. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
  24. De Hollander

    De Hollander Registered Member

    Joined:
    Sep 10, 2005
    Posts:
    718
    Location:
    Windmills and cows
    It's at least frustratin. Eset provides a new version/update and then the costumer has to wait.

    But the problem about a localize version of a AV is not related to Eset only.
     
  25. Steel

    Steel Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    219
    May be, but in the meantime I do not believe in that however no more.

    Because, as I already said, since years the same egg dance. And, beautifully that at least they react to emails. But I expect however at any time, and without inquire, the newest version, for which I had paid.
     
Thread Status:
Not open for further replies.