PrevX Vulnerability Test Released

Discussion in 'other anti-malware software' started by Jason_R0, Mar 8, 2005.

Thread Status:
Not open for further replies.
  1. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    http://www.ghostsecurity.com/index.php?page=prevx

    I have released a small test program which will show a vulnerability in PrevX (Home and Pro). The test is a simple EXE which you can run if PrevX is installed.

    I have been in contact with the developers for a few days now, however they don't seem to be interested in my findings. After receiving an automated support email 2 days later I finally got in contact with someone there. They did thank me for my feedback (basically ending the discussion) even before I had divulged the details of it. Hopefully once PrevX end-users begin to understand that there is issues with the software, the developers will be more willing to fix the issues at hand.

    I have no problem with the developers of PrevX and I admire the software from a technological standpoint. Hopefully this will be a benefit to the PrevX users somewhere down the line.
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,041
    Ah. There sure is more than one way to skin the cat. :D
     
  3. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    doesn't matter, it seems now that prevx is vulnerable for this kind of "exploit" ...
     
  4. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I know the developers sometimes respond to genuine problems by just fixing the issue, and there's an early beta coming up very soon, so hopefully that's the only reason for their lack of response. Thanks, Jason!
     
  5. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Let's hope this is the case here. :)
     
  6. BassDude

    BassDude Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2
    Hi guys

    I wanted to explain this situation from the perspective of Prevx Technical Support. It is not my intention to be confrontational as this kind of feedback you are giving is invaluable to us.

    Jason sent in 3 one liner emails to us, the first one mentioning a 'problem'. One of my support engineers replied with a detailed standard email asking for more information. The reply from Jason came back saying he thought our driver was 'poorly coded'. At this point it was escalated to me and I replied asking why he thought it was poorly coded and what the issue was and to see if I could help. The reply came back that Jason had found 'vulnerabilities'.

    It seemed to me at that point that the information wasn't going to be provided to me in a straightforward manner, so I replied simply and politely thanking Jason for his feedback, hoping he would either reply to me directly with his findings or post a thread here or on his own site. I was aware all the time of Jason's involvement with Diamond CS and Ghost Security, and of his high standing in this community. So here we are.

    We at Prevx care a great deal about our users and our user feedback, as can be witnessed by multiple threads in forums throughout the security community (and my verbose reply here!) , and some of you in this thread will bear witness to that fact. As a sign of our commitment, we provide and always have provided live support for our freeware product, unlike most freeware providers. We encourage users to help us with beta programs and always take note of and input user feedback into our development efforts. I think we're all on the same side here.

    I am very grateful to Jason for raising this valid vulnerability in our current driver. I am happy to tell you that our latest driver coming out of development already fixed this vulnerability. The message coming back from Jason's exe when run with Prevx running says 'If you can see this then the test has failed. Either you don't have Prevx or they have fixed the vulnerability.'

    Notok mentions above our brand new product currently in development, and he is quite right about this, it's a massive development effort, but it isn't deflecting me from customer support and focus. The new product will be launched end March/early April. I will be inviting users to join our Beta Program for this substantial ground-breaking release in the next week or two, I would be honored if you guys would take part and help out. Keep an eye on our official Prevx forum for the Beta Program announcement.

    Finally many thanks to Jason for making the effort and taking a forthright approach to this, it is very much appreciated by us here at Prevx.

    Regards

    Pete
    Prevx Support Team
     
  7. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Hi Pete, yes I sent one line emails initially just because I am very busy and obviously what more do you need to know than "your driver has vulnerabilities in it" ? Usually when someone says "thanks for your feedback" that is the end of the conversation, and I understood that to be the case as obviously you did then? I guess this attitude was due to a new product being released soon and you can't really do anything about the existing version.

    I'm glad your future product(s) fix the vulnerability, I'll give it a test once it is publically released.
     
  8. BassDude

    BassDude Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2
    Hi Jason, no I wasn't intending to end the conversation, just very busy myself and didn't want to keep bugging you asking the same question over and over.

    Thanks for your support Jason.

    Pete
     
    Last edited: Mar 9, 2005
Loading...
Thread Status:
Not open for further replies.