MSAS Defintions "5703" - Now Available

[Randy Knobloch]

Update via the application.

Silj


--
siljaline

MS - MVP Windows (IE/OE) & Security (AH-VSOP)
__________________________________________
Security Tools Updates
http://aumha.net/viewforum.php?f=31

(Reply to group, as return address
is invalid - that we may all benefit)

 

[Bill Sanderson]

Randy - has this gone in either automatically or by a simple manual update
on your machines?

 

[plun]

Update via the application.

Silj

Hi


Hmm, this time it was a new way to update.

Manual update did not work as mentioned in other messages.

I shutdown MSAS and removed my 2 gcd files, directly
without any start I had MSAS running again with new
definitions...... ?!?

 

[Randy Knobloch]

Randy - has this gone in either automatically or by a simple manual update
on your machines?

Manual update, Bill, as I do not depend on the auto-update working...

Regards,


--
siljaline

MS - MVP Windows (IE/OE) & Security (AH-VSOP)
__________________________________________
Security Tools Updates
http://aumha.net/viewforum.php?f=31

(Reply to group, as return address
is invalid - that we may all benefit)

 

[Randy Knobloch]

:

Hmm, this time it was a new way to update.

Expand_ ?

Manual update did not work as mentioned in other messages.

Are you using (both) manual update options?
Double-click on the "Spyware Definitions" in the "System Summary"
Window, and/or select "Check for Updates" from the File menu.

I shutdown MSAS and removed my 2 gcd files, directly
without any start I had MSAS running again with new
definitions...... ?!?

Could you expand on this...
Thanks.

Silj

--
siljaline

MS - MVP Windows (IE/OE) & Security (AH-VSOP)
__________________________________________
Security Tools Updates
http://aumha.net/viewforum.php?f=31

(Reply to group, as return address
is invalid - that we may all benefit)

 

[Bill Sanderson]

Thanks - Randy, I'd never noticed the click on the Spyware Definitions
method.

I believe that all the methods, manual (either) or automatic--all run the
same code--but there are some strange things about this program. I had a
VPC on which the program died upon any attempt to bring up the UI in the
usual way--either by clicking on the menu item, the desktop icon, or
right-clicking the system tray icon and choosing to run it.

However, if I used the system tray icon to initiate a scan, and then halted
the scan, I could play with the UI to my hearts content without any further
error. Now that I think about this, I guess the error probably related to
the setup and/or display of the summary page, which I believe there's a way
to get back to once you've left it, but I can't recall what it is--and never
do that.

 

[Randy Knobloch]

Thanks - Randy, I'd never noticed the click on the Spyware Definitions
method.

I believe that all the methods, manual (either) or automatic--all run the
same code--but there are some strange things about this program. I had a
VPC on which the program died upon any attempt to bring up the UI in the
usual way--either by clicking on the menu item, the desktop icon, or
right-clicking the system tray icon and choosing to run it.

However, if I used the system tray icon to initiate a scan, and then halted
the scan, I could play with the UI to my hearts content without any further
error. Now that I think about this, I guess the error probably related to
the setup and/or display of the summary page, which I believe there's a way
to get back to once you've left it, but I can't recall what it is--and never
do that.

I run the manual update via the summary window as due course now.
Don't rely on the auto-update to work, though I leave it set.
Beats having the huge warning that it's turned off <g>

MSFT are watching, **and taking notes** as we all know, Beta2, hopefully
will have less bugs and glitches.
It's amusing what MSAS flags, and what it doesn't....
Example; IE5 toolbar wallpaper, can be used on any build of IE;
http://www.microsoft.com/windows/ie/previous/webaccess/tbwlpapr.mspx
MSAS flags it as "GonnaSearch Toolbar" -- Adware. Reported to SpyNet.
Peculiar, at best - not a criticism, though.

Regards,

--
siljaline

MS - MVP Windows (IE/OE) & Security (AH-VSOP)
__________________________________________
Security Tools Updates
http://aumha.net/viewforum.php?f=31

(Reply to group, as return address
is invalid - that we may all benefit)

 

[Bill Sanderson]

It'd be interesting to know more about some of these false positives. A
number that I've seen seem to relate to using an open source piece which
happened also to have been used by a spyware author. Somehow that seems
less likely with the Microsoft toolbar, though.

 

[Randy Knobloch]

It'd be interesting to know more about some of these false positives. A
number that I've seen seem to relate to using an open source piece which
happened also to have been used by a spyware author. Somehow that seems
less likely with the Microsoft toolbar, though.

I'd certainly like to know what false-positives MS has on file.
The "team" would perhaps make it available to an MVP?

Open source-ware reverse-engineered and misused by a black-hat, Bill!
Never <g>

Silj

--
siljaline

MS - MVP Windows (IE/OE) & Security (AH-VSOP)
__________________________________________
Security Tools Updates
http://aumha.net/viewforum.php?f=31

(Reply to group, as return address
is invalid - that we may all benefit)

 

[Bill Sanderson]

They are holding information pretty close in this beta. I'd be surprised if
there were a list of false positives which haven't been fixed in the current
set of definitions which they'd be willing to release--I think there'd be
significant risk of legal issues there, and the MVP ship isn't the tightest
afloat as we've seen recently--not speaking about you, or, indeed, any
security-related MVP at all.

I think you'd know what I know if you searched these newsgroups on the key
"false positive"--but of course I haven't revisited anything more than a
week old to see whether it is fixed in the newer definitions.