Have the security holes been fixed in SAFEZONE?

system · 2017-03-21T16:23:48.000Z

I have had problems trying to get the Passwords feature (paid) to interface with my browser. I have used Firefox for years. When I had the Avast FREE password version, it worked fine. I pay for it and it wont work properly with Firefox…so I set up safezone. It is a very smooth browser – and very simple, in that all the security features are built in. My password manager works well and integrated fine but I just read that in Feb of 16, very bad safety breaches were discovered in the SZ browser. I just went through a very bad hack experience and had Tech support inside my PC for almost a full day checking it out. I don’t need this again. Who does?

My question is, have those issues been cleared and is the browser solidly secure now.? THERE ARE no ARTICLES on the net indicating if, when or how AVAST dealt with these open doors into your system through SZ … and there is no customer service at AVAST - which is very annoying – I’d love to speak with some individual directly.

Odd that AVAST issued nothing on this or put anything on their website…no one even talks about it!!

http://news.softpedia.com/news/avast-safezone-browser-lets-attackers-access-your-filesystem-499990.shtml

Anyone?

mchain · 2017-03-25T16:23:14.000Z

Hi xtranaut,

Welcome to the forums.

Well, as the link you provide is dated February 5th, 2016, it would be old news, it would seem. However, having said that, it would also explain why you’ve not seen current news regarding these exploits.

Key trigger in exploit(s) is shortening the URL link posted. One workaround is to hover your mouse over any url link and look down to the lower left corner to see if links match. If they don’t, either the full version of a shortened url is visible or it is a malicious redirect of a site. More information about url shortening here: https://duckduckgo.com/?q=URL+shortening&atb=v23&ia=web

Because of the possible malicious nature of any shortened url, I never use such.

I’d start with the Wikipedia article and go from there.

Avast has already fixed the holes: (Scroll down to view quote in your linked article.)

Ormandy told Avast about their problem on December 18, and ten days later, the company issued a quick fix that prevented this issue from being exploited. The latest version of the Avast antivirus released on February 3 included a complete fix for this problem.

So, if you are careful not to click shortened urls one of the ways to exploit your system is minimized.

Two recommendations:

Purchase and learn how to use disk imaging software
Practice safe browsing and use software gotten only from reputable vendors

Sorry you had to go through what you’ve been through.

ondrejz · 2017-03-29T09:36:36.000Z

Hi,

thanks for nice feedback, xtranout

Mchain is right, the security hole was fixed before the article was published.

Announcements