Request: Update notification for non-MS products

Discussion in 'ESET NOD32 Antivirus' started by SmackyTheFrog, Mar 17, 2010.

Thread Status:
Not open for further replies.
  1. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    I like the patching notifications in v4. We enforce host health checks for VPN access on our mobile users and making sure they have OS patches is a requirement for access. Having the Nod32 console warn people about this is another method to get them to patch their systems before they pick up the phone call and start asking dumb questions. However, we also need to enforce patching on other things that run as a browser plugin such as Flash, Acrobat, Java, and Quicktime as they are proving to be just as effective of a vector for getting on a system as OS exploits. Would it also be possible to generate a notification for when these types of 3rd party updates are available as well?
     
  2. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    Let me ask the other way:
    How would you implement? (plugins, hardcoded)
    Would that interfere with softwares built-in updater (if any)?
    Would you pay for that implementation? (per plugin, per Software, anything else)

    Flash has an updater itself - and it works - why dont you use it?
    Same for Java, Quicktime, RealPlayer and many more.

    I dont really consider your request as useful for the mass of users.
     
  3. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    If the automatic updaters were doing their job, we wouldn't see things like Firefox having to ban out of date flash plugins. The user base now understand that OS patches from Microsoft are related to security, but they rarely understand that patching 3rd party software is just as critical to maintaining system security. Automatic updaters get shrugged off as a nuisance. If there was an alert coming out of the antivirus software console saying that their old versions of plugins were also exposing their system to risk, I believe the average user would be more inclined address them as they are conditioned to know that notifications coming out of AV software are security-related.

    I could see it easily being implemented as a plugin: pull down an xml file with current major programs using browser plugins, do a WMI query to see what is currently on the system and compare version numbers, if something is out of date turn the shield yellow and give a notification pointing them to the manufacturer download page. I know it is a bit more complicated than checking for windows updates since that can just tie in to the WU APIs, but as a business user with laptops in the field and users being granted admin rights it would be very useful and I would be willing to throw money at it to get features like that.
     
  4. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    i dont see here any problem with the common used software.
    maybe there are conflicts with other tools which prevent those routines.

    BTW i forgot secunia PSI which is already present - and for free
    http://secunia.com/vulnerability_scanning/personal/

    And - Mozilla do this job also for free due those fake and malicious software
    which labels itself as eg. "flash 0.1" (similar)

    nevertheless im out here - Eset would make a wise decision.
     
  5. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    Product management has been notified of your request to extend support for latest version checking beyond Microsoft programs to software from Adobe, Apple and Oracle/Sun.

    Regards,

    Aryeh Goretsky
     
  6. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    If this, ahem, request is considered by ESET for a future build, I hope it will be as easy to disable as Windows Updates :ouch:
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I'm not sure that other applications provide access to that feature via a COM object like UpdateSession that is part of WUA.
     
  8. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    I would hope so, since annoyance software like Adobe and Sun Java are difficult to update, imo, they should not be intergrated.
     
    Last edited: Mar 18, 2010
  9. Matthijs5nl

    Matthijs5nl Guest

    Please don't let ESET get bloated. Everybody likes ESET because it does what it should do.
    Although this is a small thing to add, it still is bloatware. Like said, most products already include an updater, and they work. If people aren't uptodate that is because they choose not too update, since it is mandatory. Just like Windows Update, you could select not to include an update.
    I already think the notifications of Windows Updates in ESET are redundant, something called Windows Update is created to do that.

    I am also scared ESET Smart Security will get more bloated too, because I heard ESET was thinking about Parental Control. Which would completely ruin ESET's reputation for me, Parental Control is bloatware and got nothing to do with security. Only with annoyance. Also I don't hope ESET will come with some Tune Up or Backup. To be honest I bought ESET NOD32 because SS includes Antispam, which in my opinion is already bloatware. Most programs/providers got antispam, and most people use webmail anyway.
    If ESET is thinking of new program components they should only consider things which are about security. For example, an HIPS addition to the firewall, or Behavior Blocker to the Antivirus.
    Please don't let ESET get like all the others.
     
  10. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    parental control is IMO a nice thing - the windows built-in control is only for IE i guess (never used it).
    back to the idea - eset need to have additional personal to update and add
    those informations eg to that mentioned XML file - otherwise the focus on
    the main product(s) get lost (assuming so).

    >> the notifications of Windows Updates in ESET are redundant

    already turned off - same reason. and if windows update is turned off
    eset notification fails too.

    Hips/Behavior Blocker - yes, should be next major. other products have it already.
    but they use an online database which is not actual present this time for end-user.
    on the other hand there exist several tools for hips which work perfect in harmony with eset.
     
  11. Matthijs5nl

    Matthijs5nl Guest

    The same goes for update notifiers and parental control. Google it and you'll find a lot and also good ones. In contrary to parental control hips has to do with pc security. Next to that i think the majority of ESET users are not parents. If they add parental control, they should atleast give you option not to install it. And by not installing I don't mean disabling, but not installing a SINGLE file or registry key.
     
  12. piranha

    piranha Registered Member

    Joined:
    Mar 21, 2005
    Posts:
    623
    Location:
    Laval, Qu?bec, Canada
    o_O False ! win update is turned off and eset notification works here. But dont work well...... my pc missed some update and nod notified me only after i update to XP SP3, weird......
     
  13. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Some folks like the Windows Updates feature Others dislike it.
    So, we have two camps, those that turn it off, as many users that I know do, no bias toward. The discussion is, wether or not to integrate more third party software notifications into this feature.
    My vote is no. :ouch:

     
  14. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    your gui shows turned off - but the service is working - and eset relay on the
    service and its information in "C:\Windows\SoftwareDistribution"
    ok, i work more with manual update and manual search so the service is started manually.
    might help you this information...
     
  15. Proactive Services

    Proactive Services Registered Member

    Joined:
    Jan 10, 2006
    Posts:
    153
    Location:
    Petersfield, Hampshire, UK
    Out-of-date software is as much a security risk as malware is - I'm sure you all know the two go hand-in-hand nowadays. If an Eset product could automatically (and, if required, silently) update Acrobat Reader, Flash/Shockwave, QuickTime, Java, Mozilla products and the others that are targeted by exploits...well darn, I'd have a lot less viruses on my plate!

    I'd pay for this product or feature and so would all of my customers! I'd say this is a much more important step to securing a computer than supplying a duplicate firewall over and above that of Windows' firewall and that of your average router.
     
  16. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    My vote is NO.

    I have the windows update notification disabled on every machine I have installed it on. Seeing as how about 95% of the users see their NOD icon turn Orange letting them know they have updates available, but cannot update it themselves without admin privileges, it causes a lot of emails/phone calls that are unnecessary.

    If you set up your windows updates to download critical patches daily/weekly, I don't see where the need is to freak out users when their security software starts changing colors and making them think their system is screwed up.

    The users I work with on a regular basis, don't want to see anything at all on their screen that they don't need. So, all notifications are hidden unless absolutely necessary, threat alerts are sent to me via email, and windows update notifications are turned off. Their systems stay safe, and secure and I don't get a hundred phone calls every week when Windows pushes an update that NOD sees, but they don't have installed yet.

    Just like I disable all the notifications about every update from Java, Adobe, Quicktime, etc..
     
  17. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    I have already expressed my views on this, but, I'll throw my comments into the fray again :ouch:
     
    Last edited: Mar 22, 2010
  18. Proactive Services

    Proactive Services Registered Member

    Joined:
    Jan 10, 2006
    Posts:
    153
    Location:
    Petersfield, Hampshire, UK
    But what if the user receives no notifications? What if this feature silently updated these exploitable programs? I get emails every day of NOD32 stopping viruses that have managed to exploit all of these plugins etc., and every now and then NOD32 doesn't stop them.

    I agree that more alerts only serve to dilute a user's awareness of security problems. Maybe this feature could integrate into Windows 7's Action Centre to keep it central? And if not using Windows 7, it could integrate into Windows Security Centre and cause a normal "anti-virus alert". IMO this is much better than getting seemingly random notifications from a host of software that all look different! It is also *much* better than shutting off updates and notifications because these just leave the computer with the last line of defense - on-access scanning.
     
  19. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    Again, a big problem in my mind with this whole ordeal is, the majority of users don't have the necessary rights to do these software upgrades, installs, patches, windows updates, etc..

    So, since they are the ones that use the computers on a day-to-day basis, having anything telling them an update is available, their computer isn't up to date, anything about how their system is unprotected, when they can't do anything about it, is a bad thing in my mind.

    Case in point, when Eset pushed the module update for v3, do you have any idea how many calls and emails I got asking if they should click Yes or not, and that was something that could be done without needing admin privileges. Throw in an OS update that does, and the phone calls double.

    Sure, a lot of companies have an on-site IT guy that could handle this locally, but I service a lot of customers on a contract basis and do all their installs on a scheduled routine, or if they call and request it. Now, if every week when MS pushes an update, or java or anybody else that releases updates on a regular basis, these users will all start getting warnings, in whatever incantation, that their system is unprotected or an update is needed.
    You'd be surprised how paranoid some people can get about their systems when everything is running fine. Throw in a message telling them their system isn't secure and the sky is now falling.
     
Thread Status:
Not open for further replies.