Qihoo 360 NSA Cyber Weapons Defense Tool

Discussion in 'other anti-malware software' started by Gandalf_The_Grey, May 24, 2017.

  1. Gandalf_The_Grey

    Gandalf_The_Grey Registered Member

    Joined:
    Jan 31, 2012
    Posts:
    476
    Location:
    The Netherlands
    Very curious what this tool does exactly....

    https://blog.360totalsecurity.com/en/wannacry-ransomware-attack-nsa-hacking-protection-tool/

     
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    6,500
    Location:
    U.S.A. (South)
  3. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    3,088
    Location:
    DC Metro Area
    Sounds like it just checks to see if your system is up to date with patches

    "To protect users against the WannaCry Ransomware and other incoming cyber attacks, 360 Total Security has developed a NSA Cyber Weapons Defense Tool. This tool can assess if a computer is immune to exploits derived by NSA Cyber Weapons. When vulnerabilities are found, users can apply all the security updates necessary to defend against cyber attacks."
     
  4. Gandalf_The_Grey

    Gandalf_The_Grey Registered Member

    Joined:
    Jan 31, 2012
    Posts:
    476
    Location:
    The Netherlands
    From MajorGeeks.com:
    http://www.majorgeeks.com/files/details/360_nsa_cyber_weapons_defense_tool.html

    I'm not sure but it seems it did the same on my computer.
     
  5. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    702
    Location:
    Baden Germany
    It scans for missing Microsoft security updates and installs them.
    It comes with KB4012598 and kb4012213, supporting all vulnerable OS versions.
    You don't have to download them, they are both included.

    To have a look inside NSATool.exe, use WINrar
     
  6. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,402
    >
    That is what it does. I ran it on my XP desktop, and I got a Windows Update.
    ScreenShot_NSA Cyber Weapons Defence Tool_01.gif > ScreenShot_NSA Cyber Weapons Defence Tool_02.gif > ScreenShot_NSA Cyber Weapons Defence Tool_06.gif >
    I got my first Windows Update on XP since 2014 ScreenShot_NSA Cyber Weapons Defence Tool_07.gif
     
  7. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,402
    I just reran the tool a short time ago, and got the all clear on XP.

    ScreenShot_NSA Cyber Weapons Defence Tool_09.gif
     
  8. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,234
    Location:
    USA
    I wonder if it's any different than Eset's tool that checks to make sure all Microsoft patches are up to date. Eset has had this feature for years. It would be a plus if it checked commonly exploited applications like Adobe products, Java, Browsers, etc.. to make sure they are all up to date. There are good applications out there that already do this though. I think a feature like this should be part of every AV Product.
     
  9. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    702
    Location:
    Baden Germany
    It's different, because the Qhioo tool does include the patches
     
  10. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,234
    Location:
    USA
    Eset redirects you to Microsoft update to install the patches yourself so not really that big of a difference to me. I feel bad for those that don't know how to run Microsoft update. They will always be lost in matters of Cyber Security.
     
  11. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    702
    Location:
    Baden Germany
    I guess Qihoo released this tool to patch billions of cracked Windows installation, that have update disabled...You know.
     
  12. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,234
    Location:
    USA
    Ok, makes since as long as it works. Once infected, it could be hard to reverse the damage by simply patching. I hope it works well for it's intended purpose.
     
  13. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    252
    Location:
    united kingdom
    Which is a very bad idea. Patches should only ever be downloaded from the official site. Otherwise you could install a hacked patch.
     
  14. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    6,005
    It's not a bad idea at all, as it will enable the patches to be installed on computers which have issues running Windows Update. If you download the tool from Qihoo's website, then you will get the orignal patches from Microsoft included. If you were to download if from somewhere else, I guess there is a very small chance you could get a hacked version.
     
  15. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    2,750
    Location:
    Nebraska, USA
    Whatever it does, according to some it does NOT do it very well. :(

    NSA Cyber Weapons Defense Tool
    Verdict 1 out of 5 Stars
     
  16. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    252
    Location:
    united kingdom
    We'll have to agree to disagree on this one ;)
    If you can't use Windows Update then simply download the patches manually direct from the Microsoft Catalog Web site.
    IMO you shouldn't put your trust in a third party app when it comes to provision of OS patches.
     
  17. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    2,750
    Location:
    Nebraska, USA
    I'm with askmark on this one. If a computer has issues running Windows Update, fix Windows Update.

    I note years ago, long before Window Update, Secunia PSI and Filehippo were often used to report when updates were available. But often, these "man-in-middle" programs caused more headaches than they were worth. Even when they worked, the programs often alerted us to updates before these added programs did.

    The numbers just don't line up. Sure some people have had problems with WU but the fact is, the vast majority of us have had no problems at all. Since 2009 when I migrated all my systems to W7, I decided to "just let Windows do it". And I think since then, only twice have I had an update break/fail. And the break was cleared by a simple reboot and the fail cleared in a week or two when MS re-released the update.

    And of course, just about every other program today has its own update routines to the point of being a nuisance! So except for Windows and my security apps, I have disabled "automatic updates" so I don't have a dozen+ autoupdates running full time in memory, "phoning home" all the time. I note most other programs like CCleaner, CPUz, Belarc, etc. will check for updates next time you start them. So keeping our systems updated really is easy - IF we just let them.
     
  18. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,882
    Used this today to update a friends Vista comp. I had earlier download the fix from MS, but all it did was try to connect WU to MS, which just got stuck several seconds after the attempt and never completed, for some unknown reason ! Why the supposed fix needed to use WU ?

    Anyway the qihoo-360-nsa-cyber-weapons-defense-tool showed it was vulnerable & installed the update after a reboot with no issues.

    So MANY thanx to qihoo-360 :thumb:
     
  19. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    6,005
    I agree that fixing Windows Update is a better option. However, on computers running Vista, there appears to be no way to fix Windows Update. It can take well over 24 hours to check for updates on a Vista computer. In the past, this could be fixed by manually downloading and installing some updates. But recently on multiple computers, this has not worked. On the other hand, it seems that Windows Update on Windows 7 is now finally fixed, and it no longer takes hours to check for updates.
    Until very recently, it would take hours to finish checking for updates on Windows 7 computer which had not been updated for a while, or had a clean install of Windows 7.
     
  20. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    702
    Location:
    Baden Germany
    Checkout Final update list for Windows Vista: http://wu.krelay.de/en/Vista.htm perhaps it helps.
    Best practice: disable automatic update, reboot, install the patches, reboot, search for updates.
     
    Last edited: May 26, 2017
  21. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    6,005
    Thanks. When I last used Vista, I did install every update listed there for Vista, but I see that there are some updates on the new final update list which I haven't downloaded, which hopefully would help. Up until a few months ago, I had no problems searching for updates after installing the updates there.
     
  22. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    2,750
    Location:
    Nebraska, USA
    Fair point. But then since end of support for Vista was April 11th and Vista gone the way of the dinosaur and XP, maybe it is time to look at migrating to something more current.
     
  23. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    6,005
    I installed the updates listed at krelay.de as well as installing IE 9 as there was an update for that too, on a clean install of Vista. After that the check for updates took just minutes.
    I agree with you, and the recent WannaCry ransomware attack is an excllent example of why it's a bad idea to continue to use an operating system that no longer receives security updates. I was just interested to see if it was possible to fix the update issues in Vista. At least for Windows 7, Microsoft have finally fixed the update issues, and it works as it should without needing to manually install any updates first.
     
Loading...