Kaspersky\VPN\KSOS 21.7.5.198

Helios

@dimakor83

I do know that. For the sake of simplicity, I always call all of them .NET and it has absolutely nothing to do regarding the security of Kaspersky 21.4 and higher. .NET 5 is a core component for Kaspersky and mustn't be based on an outdated software package. It's a waste of time and resources and it makes absolutely no sense to me doing that. Kaspersky is a globally well-known and prestigious security solution and in my opinion it's anyway a must developing security software based on supported software components.

Helios

Hi folks

As you probably know Microsoft has banned downloading certain contents from their websites from Russia.

<a href="https://www.twitter.com/campuscodi/status/1538570733672189955" target="_blank" rel="noopener">https://www.twitter.com/campuscodi/status/1538570733672189955</a>

How is this affecting the development and quality of Kaspersky products? Does it?

Thx

Dmitriy.Pisarets

@helios said in <a href="/post/17172" target="_blank" rel="noopener">Kaspersky\VPN\KSOS 21.7.5.198</a>:
<blockquote>How is this affecting the development and quality of Kaspersky products? Does it?</blockquote>
Hello! we know about it, but beta forum is not place to discuss such questions. May be in press releases such info can be found,

Helios

@dmitriy-pisarets said in <a href="/post/17180" target="_blank" rel="noopener">Kaspersky\VPN\KSOS 21.7.5.198</a>:
<blockquote>

Hello! we know about it, but beta forum is not place to discuss such questions. May be in press releases such info can be found, 
</blockquote>
Ya, I do know. Anyway, thanks for the reply.

PS: Didn't know where to place it otherwise.

Helios

Hi my friends

I've been just tripped over the following article written by Martin Brinkmann from ghacks.net.

It's uttermost scary to me to read what Adobe Reader is able to do and being doing with many security solutions including Kaspersky. How is it possible to evade them? It's described to a certain extent, but even more important and essential, can it be fixed in general?

"Security tools inject DLLs, Dynamic Link Libraries, into applications that are launched on the system, which is necessary to gain access. The blocking prevents the injection from taking place."

Here is the whole article:
<a href="https://www.ghacks.net/2022/06/22/report-adobe-reader-is-blocking-antivirus-tools-from-scanning-loaded-pdf-documents/" target="_blank" rel="noopener">Report: Adobe Reader is blocking antivirus tools from scanning loaded PDF documents</a>

dimakor83

@helios said in <a href="/post/17182" target="_blank" rel="noopener">Kaspersky\VPN\KSOS 21.7.5.198</a>:
<blockquote>
Hi my friends

I've been just tripped over the following article written by Martin Brinkmann from ghacks.net.

It's uttermost scary to me to read what Adobe Reader is able to do and being doing with many security solutions including Kaspersky. How is it possible to evade them? It's described to a certain extent, but even more important and essential, can it be fixed in general?

"Security tools inject DLLs, Dynamic Link Libraries, into applications that are launched on the system, which is necessary to gain access. The blocking prevents the injection from taking place."

Here is the whole article:
<a href="https://www.ghacks.net/2022/06/22/report-adobe-reader-is-blocking-antivirus-tools-from-scanning-loaded-pdf-documents/" target="_blank" rel="noopener">Report: Adobe Reader is blocking antivirus tools from scanning loaded PDF documents</a>

</blockquote>
Uninstall Adobe Acrobat Reader. Install the STDU Viewer. First of all, STDU Viewer is, of course, PDF and multi-page TIFF. As well as DjVu, JBIG2, WWF and XPS. You can also use the program to view BMP, PCX, JPEG, GIF, PNG, DCX, WMF, EMF, PSD graphic files.The program will help e-book lovers to read books in FB2 (including FB2.ZIP), TXT, TCR, PalmDoc(PDB), MOBI, AZW, EPub formats. For fans of comics, support for CBR and CBZ formats has been added.The program is lightweight, not demanding on computer resources.

Helios

@dimakor83

Thanks for your support. I uninstalled Adobe Acrobat Reader already a while ago and using Firefox to view PDFs.

In our company, Acrobat Reader is installed on every computer.

Do you think there is a way that KL can circumvent or at least mitigate behaviors of such programs in general, so that any app that might do the same as the Acrobat Reader is protected of this deceptive practice?
I'm not an expert in this field.

dimakor83

@helios said in <a href="/post/17186" target="_blank" rel="noopener">Kaspersky\VPN\KSOS 21.7.5.198</a>:
<blockquote>
@dimakor83

Thanks for your support. I uninstalled Adobe Acrobat Reader already a while ago and using Firefox to view PDFs.

In our company, Acrobat Reader is installed on every computer.

Do you think there is a way that KL can circumvent or at least mitigate behaviors of such programs in general, so that any app that might do the same as the Acrobat Reader is protected of this deceptive practice?
I'm not an expert in this field.
</blockquote>
If there is no other way, keep Acrobat Reader up to date.

Helios

@dimakor83 said in <a href="/post/17187" target="_blank" rel="noopener">Kaspersky\VPN\KSOS 21.7.5.198</a>:
<blockquote>
If there is no other way, keep Acrobat Reader up to date.
</blockquote>
On my private machines, I always keep all the programs, drivers, firmware etcetera up-to-date.
In our company, the IT administration/support is a total fail. I have talked to them so many times that they should do much more for the security, but they completely refuse and ignore it. It's just enervating...

dimakor83

@helios said in <a href="/post/17188" target="_blank" rel="noopener">Kaspersky\VPN\KSOS 21.7.5.198</a>:
<blockquote>
@dimakor83 said in <a href="/post/17187" target="_blank" rel="noopener">Kaspersky\VPN\KSOS 21.7.5.198</a>:
<blockquote>
If there is no other way, keep Acrobat Reader up to date.
</blockquote>
On my private machines, I always keep all the programs, drivers, firmware etcetera up-to-date.
In our company, the IT administration/support is a total fail. I have talked to them so many times that they should do much more for the security, but they completely refuse and ignore it. It's just enervating...
</blockquote>
Don't even worry about the computers that are used in your company. Better take care of your personal computer. I recommended you the STDU Viewer program, which supports many more formats besides PDF. Believe me, STDU Viewer is very light, not demanding on computer resources, very easy to use program. Install it on your personal device instead of Adobe Reader and your computer will be less vulnerable in terms of information security.
In general, I can give advice. Before opening PDF files, check the file for viruses using the context menu with the latest version of anti-virus databases.

Helios

@dimakor83

Thank you for you advice. I will try out STDU Viewer later this day. I hadn't heard of it before until you mentioned it. 😊

Thanks again 👍

harlan4096

I use SumatraPDF (Free), very fast and clean GUI!

Helios

Ya, I do know SumatraPDF. It's indeed a lightweight viewer.

@all
What I don't understand. Is it really necessary for Kaspersky to install/inject the mentioned DLL into the Adobe Reader regarding security reasons to intercept malicious PDFs? I mean, Kaspersky runs at a lower system level than the Adobe Reader and should therefore scan any activities the Adobe Reader performs. At least, it's the normal behavior with all other programs (and system operations) which are installed on the system. Or am I wrong? Do I overlook something?

Unfortunately, I cannot try it out if this is really the case 'cause I don't own any malicous PDF.