Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Author Archive
September 26th, 2014

What is the Bash bug, and how do I prevent my systems from being Shellshocked?

Shellshock is a newly discovered security flaw that has been around for 22 years, and works by exploiting the very nature of web GUI.

Shellshock

Working in the same way as SQL injection, Shellshock allows users to insert Bash (a Unix-based command processor, or shell) commands into a server via a web form or similar method, and exploits the very nature of environment variable handling, which is that after assigning a function to a variable, any trailing code in the function will be then executed.

Where the SQL injection vulnerability allows a hacker access to the database, Shellshock gives the hacker an authentication-free access to the server, which makes it much more powerful. With this type of access, one with malicious intent could create a worm that could multiply and reproduce the exploit across entire networks to collect or modify data, or open other security holes that would otherwise be closed. Though Bash does not natively run on Microsoft Windows machines, it can be ported, but it is not yet known if the vulnerability will remain present.

Ok, so I get it, it’s dangerous. Am I vulnerable?

Absolutely.

Why?

Because Unix has a much wider grip on our networks than most people can really appreciate. Due to its ubiquity, everything from routers and smartphones, TVs, cars and more could be exploited. Worse, is that many of those devices are very difficult to update. Your home router, for example, has control of all your incoming and outgoing network traffic, and if someone has that, not only do they have the potential to collect your data, but to enable ports, disable the firewall, and further their access into your network infrastructure. With that being said, if you are running any versions of Unix or Mac, and haven’t familiarized yourself with this vulnerability, you’re well overdue.

Luckily, many vendors have now patched for Shellshock by updating Bash, but at this time, Apple users should wait for an update.

I’m running Unix. What do I do now?

First, it’s best to find out if you’re affected. Specifically, are you running Redhat, Ubuntu, Fedora, CentOS (v5-7) CloudLinux, or Debian? If so, then run this command to find out if you’re vulnerable.

$ env x=’() { :;}; echo vulnerable’ bash -c “echo this is a test”

If you see nothing but “this is a test,” you’ve successfully run the exploit, and you’ve got some work to do.

Luckily, most Linux distributions have issued fixes, so you can simply run your update manager. For those who haven’t, you can do so manually by running the following commands:

yum update bash

OR

sudo apt-get update && sudo apt-get install bash

Help, I have a Mac!

Are you infected? Run this command from your shell and find out.

$ env x=’() { :;}; echo vulnerable’ bash -c ‘echo hello’

If you’ve got Mac machines in your environment that can be exploited, you can disable the exploit by temporarily changing the default user shell. For IT administrators that have the know-how, get started right away – but for those that have to ask “how?,” it’s best to keep your eyes peeled and wait for an official update from Apple.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

April 3rd, 2014

How to reset your avast! Administration Console password

When Albert Schweitzer said “Happiness is nothing more than good health and a bad memory” he could not have possibly known how unhappy future Systems Administrators would be when they have a scheduled maintenance window to deploy anti-virus clients throughout the domain, only to realize that the password to log into the console has been forgotten. If this is happening to you,  it may provide you some comfort in knowing that I’ve been there, but luckily enough for me (and you, my forgetful friend), there’s a pretty easy way out of a potentially disastrous situation. With that being said, it brings me great pleasure to publish a guide on a topic of which I am so familiar.

“Enough about your bad memory! How can I reset my password already?!” You say?
Well that depends on which console you’re using. If you’re using SOA, read below. If you’re using EA, click here to jump straight to it. Regardless, be sure to be logged in with administrative privileges, as they will be required.

How to reset the password for avast! Small Office Administrator

To reset the Small office Administrator password, enter the following into a command prompt:

“C:\Program Files\AVAST Software\Administration Console\Avast.Sbc.Service.exe” –c password -p NewPassword

…where:

“C:\Program Files\AVAST Software\Administration Console\Avast.Sbc.Service.exe” is the installation path to the file. And –c password –p NewPassword are the application switches. Do leave –c password intact, but change the newpassword field to the password of your choice.
If the application cannot be found from its default installation path, simply search for it from the Start menu, and when you’ve found it, right click it and go to properties. The fields target and location will provide the full path, though you will have to add the file name [Avast.Sbc.Service.exe] and the switches described above to the end.

 The results should look like this: The screenshot below will change the password to “NewPassword”

b1

If you have entered the command successfully, you’ll get the confirmation message below. Read more…

Categories: How to, SMB/Business Tags:
Comments off
March 5th, 2014

How to reinstall the avast! Endpoint Protection client

howto2_enRecently we started a new corner in our blog, SMB/Business, to talk about the avast! business product line. We will focus on topics which are come up during our conversations with resellers and their clients.

Today we will present a quick guide to answer this question:

How can I correctly reinstall the avast! Antivirus client?

Whether you’ve used avast! Antivirus for a long while, manage a large organization, or simply installed the wrong product,  it is imperative that you understand the correct uninstallation procedure before installing a different avast! Antivirus product.

The following guide will help you through the process.

  1. 1.  Navigate to add/remove programs, and uninstall the relevant avast! Antivirus product.
  2. 2.  Download avastclear.exe from here, and save it to your desktop.
  3. 3.  Start Windows in safe mode. (Safe mode is an operating mode that uses only the most fundamental driver and application set required to start the operating system.)

Windows XP, Vista, 7

To get to safe mode in Windows XP, Vista or 7 –  Restart your machine, and continuously tap the F8 key. You will then be presented with an Advanced Options Menu, where you can chose to boot from safe mode.

Windows 8

To get to safe mode in Windows 8 –  Go to the start screen and type Advanced into the search field. When the search results appear, click the settings category and navigate to the Advanced startup options screen.  Clicking restart now will take your computer directly to the advanced startup mode, from there click troubleshoot, then at the startup settings menu press F4 to enable safe mode. Your machine will then restart to safe mode.

  1. 4.  Open the avastclear.exe file you downloaded, and navigate to the root of the previous installation directory. Ex: C:\Program Files\AVAST Software.
  2. 5.  Click remove and restart your machine.

endpoint

Using the add/remove programs in Windows is not always 100% effective

Enjoy our business solutions! To find more information about SMB products, please follow this link: http://www.avast.com/business

For our existing business partners we also offer products training, which can be found here: http://avast.enterprisetube.com/

Ask a question on the User Forum

Thousands of avast! Antivirus users as well as avast! team members gather on the popular forum to help users-in-need with their questions. It helps to read the rules and practice polite netiquette at all times.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Comments off