Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
VoodooShield
VoodooShield CyberLock 7.0
Message
<blockquote data-quote="danb" data-source="post: 991921" data-attributes="member: 62850"><p>Hey Guys!</p><p></p><p>Here is the latest version of VS, it should be perfectly stable.</p><p></p><p>When testing Follina, I discovered a bug in VS’s command lines when I did a repair install of Office 2013. It had nothing to do with Follina, but it was a very odd bug that had never been reported before. Basically, VS was unable to parse one of the command lines of the Office 2013 repair, so it created an exception. Anyway, that is fixed now, and I am assuming that if anyone had any issues with command lines in the last couple of years, that the issue is fixed now.</p><p></p><p>The Follina tests went great, and VS properly blocked the exploit with its Antimalware Contextual Engine / Anti-Exploit mechanism (as opposed to blocking the command line). It is okay to block exploits via suspicious command lines, but the only problem is that if there is not a rule for a certain suspicious command line, then there will be a bypass. This is why we prefer blocking by the Anti-Exploit mechanism, you are pretty much 100% certain it is going to block the attack.</p><p></p><p>But I did find two optimizations that I implemented in 7.13. First, when VS was OFF, it did not block Follina. This could go either way, simply because when the user downloads the exploit, they will either be running a web browser or email client. But just to be sure, VS now blocks exploits when it is OFF. And actually, before the Antimalware Contextual Engine, VS did block potential exploits even when it was OFF. I just never got around to implementing the potential exploit feature into the Antimalware Contextual Engine. The other change I made is that now when VS blocks a potential exploit, it will show the appropriate user prompt that does not provide VoodooAi or WhitelistCloud verdicts. Again, this is how VS used to work as well, and the reason we do not want to provide VoodooAi or WhitelistCloud verdicts is, for example, if VS blocks calc.exe via a potential exploit, then the VoodooAi or WhitelistCloud verdicts will both be Safe, making the user think that it is okay to allow.</p><p></p><p>There were a few other small optimizations as well.</p><p></p><p>VS 7.13</p><p>[URL unfurl="true"]https://voodooshield.com/Download/InstallVoodooShield713.exe[/URL]</p><p>SHA-256: 576280b93a4d9d40309586d688e539d84c9437fc4670770716221947a509387c</p><p></p><p></p><p>Thank you,</p><p></p><p>Dan</p></blockquote><p></p>
[QUOTE="danb, post: 991921, member: 62850"] Hey Guys! Here is the latest version of VS, it should be perfectly stable. When testing Follina, I discovered a bug in VS’s command lines when I did a repair install of Office 2013. It had nothing to do with Follina, but it was a very odd bug that had never been reported before. Basically, VS was unable to parse one of the command lines of the Office 2013 repair, so it created an exception. Anyway, that is fixed now, and I am assuming that if anyone had any issues with command lines in the last couple of years, that the issue is fixed now. The Follina tests went great, and VS properly blocked the exploit with its Antimalware Contextual Engine / Anti-Exploit mechanism (as opposed to blocking the command line). It is okay to block exploits via suspicious command lines, but the only problem is that if there is not a rule for a certain suspicious command line, then there will be a bypass. This is why we prefer blocking by the Anti-Exploit mechanism, you are pretty much 100% certain it is going to block the attack. But I did find two optimizations that I implemented in 7.13. First, when VS was OFF, it did not block Follina. This could go either way, simply because when the user downloads the exploit, they will either be running a web browser or email client. But just to be sure, VS now blocks exploits when it is OFF. And actually, before the Antimalware Contextual Engine, VS did block potential exploits even when it was OFF. I just never got around to implementing the potential exploit feature into the Antimalware Contextual Engine. The other change I made is that now when VS blocks a potential exploit, it will show the appropriate user prompt that does not provide VoodooAi or WhitelistCloud verdicts. Again, this is how VS used to work as well, and the reason we do not want to provide VoodooAi or WhitelistCloud verdicts is, for example, if VS blocks calc.exe via a potential exploit, then the VoodooAi or WhitelistCloud verdicts will both be Safe, making the user think that it is okay to allow. There were a few other small optimizations as well. VS 7.13 [URL unfurl="true"]https://voodooshield.com/Download/InstallVoodooShield713.exe[/URL] SHA-256: 576280b93a4d9d40309586d688e539d84c9437fc4670770716221947a509387c Thank you, Dan [/QUOTE]
Insert quotes…
Verification
Post reply
Top
