Security Alert for AVAST Users

As a result of listening to a couple Netcasts, I have been made aware of a security problem, if you use AVAST as your Anti Virus software. I have used AVAST for a long time, but it has now been removed from my MacBook Pro laptop.

I have replaced AVAST with SOPHOS, which I have used in the past.

This is just a heads-up to anyone using AVAST as their AV.

The following Netcast of Security Now covers the problem, but the video is a 2 hour video.

9 thoughts on “Security Alert for AVAST Users

  1. Interesting problem, Don Ray, and useful for us that you saw it.
    And it may not only be Avast (which I have used for years, with no problems) which allows this security problem to happen.
    I listened to the Security Now netcast you linked to, which briefly discussed the problem, then found Leo Laporte’s The Tech Guy episode of a few days earlier in which he troubleshot the problem on-air with a caller called Rose.
    That episode (#1314) is here: the discussion goes from approximately the 35-minute mark to the one-hour mark (both sides of a break).
    http://techguylabs.com/episodes/1314/how-can-i-stop-someone-using-facebook-spam
    Leo, like you, now does not recommend Avast.
    Steve Gibson, in the show you linked to, suggested Kaspersky (usually highly rated) might (he wasn’t sure) also allow a so-called man-in-the-middle attack like Avast seems to sometimes allow.
    The Tech Guy link above, which goes into the problem more at length, was more easily understood by me than the brief discussion between Leo and Steve.

  2. Yes, I had listened to the Tech Guy Netcast prior to the Security Now. Thanks for adding the link. I would not have had the problem the lady had with FaceBook, but knowing the way AVAST implemented the man in the middle worries me, so I am moving all the people I steered toward AVAST away. I only mentioned SOPHOS because I have used it on MACs and it is free and I hate to pay.

  3. When choosing an antivirus program, people often make the mistake of choosing it based on the little to no research. Free antivirus programs such as Avast and AVG are popular but the question is how do they stack up against the others. Some people simply go with the big names of McAfee or Symantec (Norton) because they have been around for so long and often come bundled with the computer.

    The real answer to the question of which Anti Virus, Anti Phishing, Anti Malware program to use should be based on real world testing and include factors like performance impact.

    I have found the most useful source of comparative testing and information to be by a group called AV-Comparatives. They are an independent organization offering systematic testing of 32 different Anti Virus programs. You can read a little bit more about them here: http://www.av-comparatives.org/about-us/

    They have monthly test that are well charted back to 2009. The two charts I find most interesting are the Performance Impact chart (how much does the Anti Virus program slow down your computer) and the Real World Test chart.

    http://chart.av-comparatives.org/chart1.php

    It is worthy to look at each of the tests listed in the drop down menu to see how the various programs have performed over time. My recommendation continues to be Eset. (http://www.eset-us.com/) I provide a copy of it at no charge to my clients whenever I am hired to cleanup or speed up a slow performing computer. It has been my go-to vendor for antivirus since the early 1990s.

  4. Many like Eset. I have never been one of them.

    The biggest security risk to any PC or cell phone still continues to be the user. Until users decide to become a little knowledgeable about Phishing, no AV is going to protect them.

  5. I used to have all these AV programs on my computer but I got rid of them all and just use the native Microsoft AV and Firewall. During the past year never had a problem and I surf a lot.

  6. Yes, there are many. Most will do OK. If you are careful, the free ones will do. If I were on a Windows PC, I would use the Microsoft free product. Most malware is entered into a PC at the invitation of the user. They get a popup saying they have a virys and click on it. They insert an infected USB drive. They respond to a message on FaceBook that came from a friend who had an infected PC.

Leave a Reply