Advice Request Old Software is it ever safe to use?

Please provide comments and solutions that are helpful to the author of this topic.

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
I think that it depends on the software and the reputation of both it and its creator/vendor. I'll use ShadowDefender as an example here, the linked MT thread indicates users views on this software and the difference between how it has been maintained (the need for updating it) and the way that its website has been.

 
F

ForgottenSeer 85179

Let say it is discontinued or the developer stopped updating it ?

Anyway to safe guard old software or not really? Does it depend on what it is ? Curious if it is possible is all.
At worst (and most case) you can get infected by such software.
Only with AppContainer apps this isn't a problem yet.

You can try running the older program in a virtual environment. I use Sandboxie.
I recommend Windows Sandbox / using Hyper-V.

Sandboxie is a security desaster:
Sandboxie 5.26 allows a Sandbox Escape via an "import os" statement, followed by os.system("cmd") or os.system("powershell"), within a .py file.
 

Freud2004

Level 10
Verified
Well-known
Jun 26, 2020
440
Let say it is discontinued or the developer stopped updating it ?

Anyway to safe guard old software or not really? Does it depend on what it is ? Curious if it is possible is all.

The obvious answer ill be old software is must less safe. But it doesn't work like that, depends on the developer of the software.
Some software developers concentrated in resolving bugs and security issues other just in the bugs of their software, so it's not a linear thing.
So, my recommendations its update the software if you can, but if some old software its real necessary why not.
Install a good security solution, it will help to mitigate the lack of updates of some software.
For example, until a month ago I use Rocketdock, it's a software that don't have support since 2007, but I really like that dock now I have replaced for nexus dock.
 

plat

Level 29
Top Poster
Sep 13, 2018
1,793
Sandboxie is a security desaster:

Sandboxie 5.26 is a very old version, it's been revised a number of times since then.

Current Plus and Classic versions are 0.7.4 and 5.49.7 respectively. The current developer acknowledged there were glaring vulnerabilities and he fixed them. I use his software now without qualms. :cool::whistle::coffee:

 

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
I am interested in updating the files that are called and used, such as .dll.
My pc has a mix of different versions of .dll and .exe related to FFmpeg.
I recently read a topic about FFmpeg being updated. In this case, should I replace all the files with the latest ones?:unsure:
 

plat

Level 29
Top Poster
Sep 13, 2018
1,793
That's not the point. The point is that user trust such software and if it use insecure stuff like that, it cant be trusted at all.
This isn't a simple bug, it's an fatal design error.
Did you happen to read what the developer said in my Wilders link in post #7? What "insecure stuff" are you referring to? He fixed these vulnerabilities, he rebuilt a lot of SBIE code from scratch since it went open-source. There are several independent testers involved, he's not just throwing SBIE out there and saying: "It's safe, trust me." He has 22 contributors to his Sandboxie project alone,: check it out on his GitHub page.

If a security software is found to have "fatal design errors," I'll be among the first to discontinue its use. But one has to show me solid documentation. The developer is collaborating with independent testers since over a year already, like this one. I haven't heard of any recent Sandboxie bugs but you know something? HitmanPro got a patch to its kernel driver very recently. OMG a bug! 😱


OK, so some don't like Sandboxie, that's fine. BUT, give me proof of CURRENT issues! That's all I ask. 😒:whistle::coffee:
 

wat0114

Level 11
Verified
Top Poster
Well-known
Apr 5, 2021
547
If it's an old web browser not being developed and updated, then no way in my books would it be safe to use. Otherwise if it's some obscure utility for example, then it's probably safe to use. I think it really comes down to what hackers are targeting.
 

jackuars

Level 27
Verified
Top Poster
Well-known
Jul 2, 2014
1,688
If you are sure that the software is discontinued, just block the "old software" from connecting to the internet with a firewall, and let it run locally.

My preference would be for softwares that is maintained by their respective developers, unless the software that you are dealing with has no good alternative. Unless the software that you are using are critical to be updated, i.e browsers, password managers, antivirus etc, you are fairly safe.
 

jackuars

Level 27
Verified
Top Poster
Well-known
Jul 2, 2014
1,688
Except situation when outdated is firewall? :) I'm still using XP with Kerio 2.1.5 from 2004 :cool:
I admire you for still using XP in this era, when support for Vista, Win 7 and Win 8 ended a good while back. If it's system resources that prevents you from updating, I got one word for you, "Linux".
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top