Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Author Archive
August 7th, 2014

Russian hackers steal 1 billion passwords – now what?

Change your passwords every six months or after news of a breach

Change your passwords every six months or after news of a breach

Reports on “the biggest hack ever” recently surfaced. A Russian hacker group allegedly captured 1.2 billion unique username and password combinations.

With this latest security breach, AVAST encourages consumers to take necessary precautions. Change your passwords immediately and if you’re using the same password somewhere else, you must change it there, too. Choose complex passwords so it will be more difficult for hackers to de-encrypt them. In general, we recommend changing passwords every three to six months, or after news of a breach.

A password manager like avast! EasyPass helps encrypt and protect personal information online, with random, strong passwords. avast! Easy Pass generates complex passwords and removes the inconvenience of having to remember them.

If financial and credit card data is compromised in an online threat, AVAST advises users to monitor and check their accounts for unauthorized charges and to immediately report any suspicious activities to their bank or card provider.

Interested in reading more?

Try our articles on creating strong passwords:  Do you hate updating your passwords whenever there’s a new hack? and My password was stolen. What do I do now?

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

April 29th, 2014

Internet Explorer users: AVAST has got your back – for FREE

AVAST protects users running Internet Explorer.

Avast antivirus protects agains the Microsoft® Internet Explorer bug
Microsoft announced a new vulnerability in Internet Explorer, which allows attackers to execute code remotely, ultimately giving them full control over a PC. The vulnerability targets Internet Explorer versions 6 through 11 and was published under the name CVE-2014-1776. Out of all the Internet Explorer users, Windows XP users are most vulnerable as Microsoft recently stopped supporting the operating system and will therefore not issue any security patches, including one to fix this problem.

AVAST gave its word to Windows XP users that it would continue to protect them: AVAST has issued a new definition update which addresses this specific Internet Explorer vulnerability, protecting its users running Internet Explorer.

Windows XP users browsing on Internet Explorer in even more danger

On April 8, 2014, Microsoft ended its support for Windows XP, terminating automatic updates to the operating system, and even worse it will stop providing anti-malware signature updates as of next year. It’s remarkable that it has only been three weeks since the cut off and its users are already being confronted with a major security flaw, which will affect and put Windows XP Internet Explorer users at risk the most… Will this now make Windows XP users migrate?

Windows XP users: We promised we wouldn’t leave you hanging

Prior to the Windows XP support end date, AVAST committed to supporting Windows XP by creating protection modules and detections specifically designed to cover XP vulnerabilities and security problems for at least the next three years. Currently 45 million of our more than 200 million customers use Windows XP. Of those 45 million, more than 20% run Internet Explorer and our latest update 140428-1 covers them from the CVE-2014-1776 Internet Explorer vulnerability. Even with the update, we urge Windows XP users migrate from Internet Explorer to another browser. The latest version of Internet Explorer available on Windows XP is version 8, making it outdated and lacking a number of security improvements that were already unavailable before the official support end date. We recommend Google Chrome as an alternative to Internet Explorer, as it is fully compatible with Windows XP, updating itself automatically.

Explore the Internet with caution

Windows XP users aren’t the only ones at risk. We recommend users always use caution and think twice before opening any links. This particular flaw accesses deleted or misplaced objects in memory, thus corrupting the browser’s memory address space. This in turn gives attackers the opportunity to execute code remotely by hoaxing users via email or instant message to visit sites specifically designed to exploit the vulnerability. Once Internet Explorer users click on the malicious link, attackers can gain the same user rights as the person currently logged into Windows. This means if someone clicks on the link while logged into Windows in the administrator account, the attacker would have full administrative control over the PC and the data on it.

AVAST supports everyone

AVAST believes that everyone has the right to protection while using the Internet and therefore offers Windows and Mac users free antivirus. We are devoted to supporting all of our customers and do not believe in turning our backs on Windows XP users. All AVAST Antivirus users with virus definitions 140428-1 or newer are protected against the CVE-2014-1776 vulnerability.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

March 20th, 2014

The first eco-friendly email virus?

A few minutes ago, I noticed a new infected email landing in my inbox. The body of the email said:

Please find Attached Invoice payment format of Marina private ltd.

Thanks
Marina.A.Beg

Marina Private Limited
Plot No. 544-J, Pace City - II
Sector - 37, Gurgaon - 122 004
Haryana - Bharat

That’s pretty normal / boring stuff — and so was the attached ZIP file, which contained a run-of-the-mill sample of a well-known virus family.

However, what grabbed my attention was the footer of the email, which said:

Read more…

Categories: Uncategorized Tags:
March 17th, 2014

Another Data Breach Crisis Looms as Microsoft’s D-Day for XP Forces Security Scramble

win-xp-infographicOpinion by Ondrej Vlcek, Chief Operations Officer at AVAST Software

The termination of security updates by Microsoft to Windows XP will create severe security issues. The already rather unsafe operating system will face even more risks with the missing security updates, but the question is: Should Windows XP users be the only ones worried?

Microsoft recently announced that technical support will no longer be available for Windows XP as of April 8, 2014, ending automatic updates for the operating system. Microsoft will also eventually stop providing anti-malware signature updates to XP users, in 2015. Abandoning Windows XP is a big mistake, especially since Microsoft has not been very successful in transitioning XP users to newer systems. The AVAST database shows that 23.6% of its more than 200 million users is still running Windows XP.

XP users more susceptible to attacks than Windows 7 users

The abandonment by Microsoft will not only affect Windows XP users, but will create a big security problem for the whole ecosystem. Tens of millions of PCs running XP connected to the Internet, unpatched and without security updates, are just waiting to be exploited. The vulnerable OS will be an easy target for hackers and be seen as a gateway to infect other non-XP operating systems. Our telemetry data shows that XP users are 6 times more likely to get attacked than Windows 7 users and once Microsoft stops issuing patches, this can worsen.

The next Target-like attack is brewing

Home users are not the only ones who will be affected by the Windows XP support cutoff, according to reports*, 95% of ATMs in the world still run on Windows XP. These ATMs along with businesses still using Windows XP on their PCs need to be updated, or at the very least seek alternative protection. Medical offices that store confidential patient information and stores that keep customer details, such as credit card numbers, on their computers running Windows XP could easily be attacked. The Target data breach last year was conducted through a trojan that attacked the shops’ point of sales system. If businesses don’t keep their systems safe, we will, unfortunately, see more of data breaches like this. The news of the XP support cutoff was published a year ago, which means that IT professionals should be well aware of the change and the consequences it will have. For those who haven’t taken action yet, the time is now.

AVAST is devoted to protecting the PC ecosystem by not only supporting Windows XP for at least the next three years, but also by creating protection modules and detections specifically designed to cover Windows XP vulnerabilities and other security problems. We have already taken additional steps in our latest product release, avast! 2014, by making the product lighter, both in terms of speed and resource consumption, tailoring it for older machines still running Windows XP. In addition to the security value, avast! 2014 is offered for free, which is especially important for XP users. Upgrading to a newer version of Windows comes with costs, costs that not everyone can afford and is probably a big reason why many users haven’t upgraded yet.

Another reason to ditch Internet Explorer

In addition to Windows XP itself being a security risk, Internet Explorer on Windows XP poses an even larger threat. The latest version of the browser available on Windows XP is version 8, making it outdated and lacking a number of security improvements available in its later versions. Of our existing Windows XP user database, 21.5% run Internet Explorer, leaving themselves open to easy attacks. Google Chrome is a good alternative and is fully compatible with Windows XP, updating itself automatically.

Windows XP users will not be the only ones affected by the end of updates by Microsoft and should not be the only ones worrying about the end date. Users still running Windows XP need to act both proactively and responsibly to ensure safety for not only their own data and PC, but for that of others as well.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

January 25th, 2013

Introducing the New Avast Bug Bounty Program

Hello Avast fans!

No Bugs

It is my pleasure to officially announce the new Avast bug bounty program. As a security company, we very much realize that security bugs in software are reality. But we also realize that companies that are able to use their user communities to find and fix bugs are generally more successful that those that don’t. Therefore, we have decided to reward individuals who help us find and fix security-related bugs in our own software. This makes us probably the first security vendor with a reward program like this: I think it’s mainly because the other companies generally take the position that ‘Hey, we’re a security company. So we know security and it can’t happen to us.’ But in reality, that’s not what’s happening. Just look at bugtraq or the CVE databases and you will find that security software is no more immune to these issues than any other programs. A bit of irony, given that people generally install security software to fight security issues in the first place, isn’t it?

We at Avast take this very seriously. We know that being a market leader (Avast has more users than any other AV company in the world), we’re a very attractive target for the attackers. So, here’s our call to action: let’s unite and find and fix those bugs before the bad guys do!

 

Here’s how it works:

  • The bounty program is designed for security-related bugs only. Sorry, we’re not paying for other types of issues like bugs in the UI, localization etc. (nevertheless, if you find such a bug, we will of course very much appreciate if you report it).
  • This program is currently intended only for our product, i.e. not the website etc.
  • We’re generally only interested in these types of bugs (in the order of importance):
    • Remote code execution. These are the most critical bugs.
    • Local privilege escalation. That is, using Avast to e.g. gain admin rights from a non-admin account.
    • Denial-of-service (DoS). In case of Avast, that would typically be BSODs or crashes of the AvastSvc.exe process.
    • Escapes from the avast! Sandbox (via bugs in our code)
    • Certain scanner bypasses. These include include straightforward, clear bypasses (i.e. scenarios that lead to direct infection, with no additional user input), as opposed to things like deficiencies in the unpacking engine etc. In other words, we’re interested only in cases that cannot be mitigated by adding a new virus definition (please don’t report undetected malware)
    • Other bugs with serious security implications (will be considered on a case by case basis).
  • The base payment is $200 per bug. Depending on the criticality of the bug (as well as its neatness) the bounty will go much higher (each bug will be judged independently by a panel of experts). Remote code execution bugs will pay at least  $3,000 – $5,000 or more.
  • We might change these ranges based on the number and quality of incoming reports. Generally, the less reports we will get, the higher the bounty will go.
  • We will only pay for bugs in Avast itself. For example, if you find a bug in a Microsoft library (even if it’s used by Avast), please report it to Microsoft instead (it would be great if you could also notify us, but unfortunately, we cannot offer any reward in such cases).
  • The program is currently limited to consumer Windows versions of Avast (i.e.: Avast Free Antivirus, Avast Pro Antivirus, and Avast Internet Security). Only bugs in the latest shipping versions of these products will be considered.
  • Payment will be done preferably by PayPal. If you can’t accept PayPal (e.g. because it doesn’t work in your country), please get in touch with us and we will try to figure out something else.
  • Because of certain legal restrictions, we cannot accept submissions from the following countries: Iran, Syria, Cuba, North Korea and Sudan.
  • It is the researcher’s own responsibility to pay any taxes and other applicable fees in their country of residence.
  • In order to be eligible for the bounty, the bug must be original and previously unreported.
  • If two or more researchers happen to find the same bug, the bounty will be paid only to the one whose submission came in first.
  • You must not publicly disclose the bug until after an updated version of Avast that fixes the bug is released. Otherwise, the bounty will not be paid.
  • The bounty will be paid only after we fix the issue (or, in specific cases, decide to not fix it).
  • Some bugs may take longer to correct. We will do our best to fix any critical bugs in a timely fashion. We appreciate your patience.
  • Employees of AVAST and their close relatives (parents, siblings, children, or spouse) and AVAST business partners, agencies, distributors, and their employees are excluded from this program.
  • We reserve the right to change the rules of the program or to cancel it at any time.

 

How to report a bug and qualify for the bounty:

  • Please submit the bug to a special email address bugs@avast.com
  • If you’d like to encrypt your email (recommended), please use this PGP key.
  • A good bug report needs to contain sufficient information to reliably reproduce the bug on our side. Please include all information that may be relevant – your exact environment, detailed bug description, sample code (if applicable) etc. It also needs to contain a decent analysis – this is a program designed for security researchers and software developers and we expect certain quality level.
  • You will receive a response from an Avast team member acknowledging receipt of your email, typically within 24 hrs. If you do not receive a response, please do not assume we’re ignoring you – we will do our best to follow up with you asap. Also, in such a case it is possible your email didn’t make it through a spam filter.

 

Finally, I’d like to say thanks to everyone who helps to find and fix bugs in our products. Hopefully, this new reward program will take this initiative to a whole new level.

Happy [bug]hunting!

 

P.S. The bug bounty rules are also available on our main website here.

 

Categories: Technology, Uncategorized, Virus Lab Tags:
December 3rd, 2012

New Toy in the Avast Research Lab

The Avast Research Lab is where some of the Avast’s brightest brains essentially create new ways of detecting malware. These are either features inside the product (such as FileRep and autosandboxing, including all of its recent development) as well as components that run on our backend – i.e. things that users don’t necessarily see but that are equally important for the overall quality of the product.

In fact, working on the backend stuff takes up more of their time these days, as more and more intelligence in Avast is moving to the cloud and/or is being delivered in almost real time via the avast! streaming update technology. Read more…

October 23rd, 2012

New avast! program update [7.0.1473] is here!

Today, we have released a brand new avast! program update, version number 7.0.1473. It’s the last program update we plan to do before version 8 (slated for Q1 2013). I’d like to take this opportunity and explain some of its new features.

First and foremost, the new version is fully compatible with Windows 8 – scheduled to finally hit the stores this Friday. The changes we have made went well beyond just making sure everything works. For example, we had to replace the internals of the Network and Web Shields to accommodate the new networking APIs in Windows 8. Also, we had to make sure avast! plays nicely with the new Windows Security Center and that it correctly handles certain scenarios that are new to Windows 8.

This version of avast! will shortly be officially certified with the Windows 8 Compatible logo, and will be included in the new Windows Store.

Read more…

Categories: Technology Tags:
December 30th, 2011

Frequently asked questions about avast! Mobile Security

With the introduction of our new mobile product, avast! Free Mobile Security, we officially entered the mobile security business. While most of the feedback we have seen to date has been very positive, some of the reviews and comments on the Android market indicate that some people are a bit confused about the product and its features. This blog post was meant to explain some of the concepts and hopefully help resolve some of the confusion. It is structured as questions and answers. If you have additional questions, please feel free to post a comment below or head to our forum.

 

1. Why should I install a security product on my phone? There’s no viruses anyway, right?

First, it’s important to realize that the product goes well beyond malware protection. Components like Anti-theft, Firewall, SMS and call filtering and Application management are very useful irrespective of the malware situation and are all a good reason to install the product.

However, even the malware situation is not that great. To date, we have registered about 4,000 unique apps that exhibit malicious behavior. Most of them were pulled from the market relatively soon (some didn’t even make it to the market), but we dare to say that we can detect them faster.

Also, some of the threats are completely platform independent. A great example is phishing. Here’s how it works: you are sent a link to a website that looks and feels exactly like your online banking site, but in fact it’s a fake site whose purpose is to capture your credentials and steal your money. This has been a long-time classic on the desktop, but as people start browsing the web using their mobile devices it’s also becoming a problem here. Therefore, it does make sense to have an app that will alert you whenever you do something stupid like this (in case of avast! Mobile Security, the Web Shield component takes care phishing URL filtering). Especially given it’s free.

 

Read more…

Categories: Android corner, Technology Tags:
September 22nd, 2011

AVAST acquires mobile security app developer ITAgents

For those interested in all things Android, I have some exciting news. AVAST Software has acquired ITAgents, the Austrian developer of the Theft Aware mobile phone theft protection and recovery system.

The acquisition strengthens AVAST’s technology base and gives us a hands-on security app designed for today’s Android-powered smartphones. Read more…

April 11th, 2011

False positive issue with virus defs 110411-1

Virus definition update 110411-1 contained an error that resulted in a good number of innocent sites being flagged as infected. Generally, all sites with a script in a specific format were affected.

Our virus lab staff discovered the problem quickly after releasing the bad update and immediately started working on a fix. The fix was released about 45 minutes after the problematic update and has version number 110411-2. Anyone who still has this problem is kindly asked to manually update the definitions to the latest version, e.g. by right-clicking the avast taskbar icon (the orange (a) ball), and selecting Update -> Engine and Virus Definitions.

 

We sincerely apologize for the inconvenience. As this typically only affected remote sites (and not local files), simply updating to the latest definitions should completely solve the issue (no local files have been quarantined).

Categories: General, lab, Technology, Virus Lab Tags: