Bitdefender 2015 In A Big Faill

Options

first i would like to say that bd is 2014 32 bit version protect pc more than 2015 version because of paranoid mode in 2014 version


but version 64 bit in 2014 or 2015 is too bad the layer of IDS not workin at all levels


so i make this test to test the IDS layer in both 32 bit and 64 bit of bd is 2014 and 2015


2015 version faill to prevent hacker process by IDS unit in both 32 bit and 64 bit


but t think that 32 bit with paranoid mode will success in 2015 after reintegrated it


bd is 2014 32 bit cuccess to prevent the patch file to hacking my pc thorough IDS unit


but 64 bit faill to prevent because of IDS not working in all bitdefender versions from 2014 till 2015


so i would like to support team to test bd is 2014 and 2015 by this file


under 32 and 64 bit windows


i would like to repaire IDs layer in 64 bit versions


and re integrate paranoid mode in 2015 version


file with password protected


infected


https://www.mediafire.com/?6bicq3x3yx9bswd

Comments

  • cuccess = success

  • jitzy
    Options
    first i would like to say that bd is 2014 32 bit version protect pc more than 2015 version because of paranoid mode in 2014 version


    but version 64 bit in 2014 or 2015 is too bad the layer of IDS not workin at all levels


    so i make this test to test the IDS layer in both 32 bit and 64 bit of bd is 2014 and 2015


    2015 version faill to prevent hacker process by IDS unit in both 32 bit and 64 bit


    but t think that 32 bit with paranoid mode will success in 2015 after reintegrated it


    bd is 2014 32 bit cuccess to prevent the patch file to hacking my pc thorough IDS unit


    but 64 bit faill to prevent because of IDS not working in all bitdefender versions from 2014 till 2015


    so i would like to support team to test bd is 2014 and 2015 by this file


    under 32 and 64 bit windows


    i would like to repaire IDs layer in 64 bit versions


    and re integrate paranoid mode in 2015 version


    file with password protected


    infected


    https://www.mediafire.com/?6bicq3x3yx9bswd


    Agree with IDS....it does nothing here..im using win 7 64 bit and BDIS 64bit...dunno abt 32 bit though...but yep IDS not blocking that file even on aggressive mode and nothing in events


    BD SUPPORT should look into it.....IDS not doing its job atm

  • Agree with IDS....it does nothing here..im using win 7 64 bit and BDIS 64bit...dunno abt 32 bit though...but yep IDS not blocking that file even on aggressive mode and nothing in events


    BD SUPPORT should look into it.....IDS not doing its job atm


    only bdis 32 bit can block this file if you adjust IDS on normal mode and activated the paranoid mode in 2014 version

  • why no reply ? when Bitdefender co. will repair the 64 bit version (IDS) for windows 64 bit

  • why no reply ? when Bitdefender co. will repair the 64 bit version (IDS) for windows 64 bit


    Is this issue as serious as it sounds, or would another layer of BDIS prpotection protect your PC from this apparent flaw in IDS for 64 bit?

  • busterbuddy
    edited October 2014
    Options
    Is this issue as serious as it sounds, or would another layer of BDIS prpotection protect your PC from this apparent flaw in IDS for 64 bit?


    Could someone please explain to me what threat this deficiency in the IDS on 64 bit systems poses to a user of a Windows PC?


    To a non-techie such as myself it sounds serious - serious enough I feel I should not be using BDIS.


    Why the silence from BD on this? Cuz it is that bad and BD doesn't know how to fix it??????????


    I will interpret a non response from BD as a yes to all my questions.

  • antikythera
    edited October 2014
    Options

    IDS is less relevant under 64-bit windows than 32-bit because of the architecture differences. Until specific threats are written to counter the following measures, 64-bit Windows has better protection against certain risks out of the box than 32-bit.


    A Standard unmodified installation of 64-bit Windows requires signed drivers. Also the Memory Address Space is larger so the Address Space Layout Randomization used by programs to make it harder for hackers to exploit vulnerabilities has a larger resource to play with. Under 64-bit systems there is also Kernel Patch Protection aka Patchguard which helps prevent modification to the windows kernel. WOW64, the emulator used to run 32-bit programs also has limitations to help prevent root-kit infection for example and no 32-bit program runs in kernel mode at all with 64-bit windows.


    So a lot of the threats IDS works to prevent are already dealt with by these OS features. Because of the restrictions in place within the OS, it also can mean that some components of third-party security packages (like BDIS or coughKIScough to name two examples) themselves are unable to load the necessary drivers and components to run unless they are properly coded and signed to comply with Microsoft's pre-defined specifications for the operating system. For more in-depth or alternate explanations if you found mine confusing please use google.

  • Nesivos
    Nesivos
    edited October 2014
    Options
    first i would like to say that bd is 2014 32 bit version protect pc more than 2015 version because of paranoid mode in 2014 version


    but version 64 bit in 2014 or 2015 is too bad the layer of IDS not workin at all levels


    so i make this test to test the IDS layer in both 32 bit and 64 bit of bd is 2014 and 2015


    2015 version faill to prevent hacker process by IDS unit in both 32 bit and 64 bit


    but t think that 32 bit with paranoid mode will success in 2015 after reintegrated it


    bd is 2014 32 bit cuccess to prevent the patch file to hacking my pc thorough IDS unit


    but 64 bit faill to prevent because of IDS not working in all bitdefender versions from 2014 till 2015


    so i would like to support team to test bd is 2014 and 2015 by this file


    under 32 and 64 bit windows


    i would like to repaire IDs layer in 64 bit versions


    and re integrate paranoid mode in 2015 version


    file with password protected


    infected


    https://www.mediafire.com/?6bicq3x3yx9bswd


    1. I downloaded the file and BD would not scan it because it is password protected as indicated above. What BD would do with the file if unzipped is unknown since I do not have the password and could not locate it on Media Fire from where the file was downloaded.


    2. I then scanned the file with Malwarebytes 2.0.3 and the file came up clean


    3. I then uploaded the file to Virus Total and 51 out of 52 scanners found the file clean. Only Fortinet which makes and sells Enterprise, Search Provider and SMB security solutions indicated the file is infected with "W32/Mdrop.GFA!tr" which a low risk fake AV dropper. A search on Google for that file name came up with one result.


    4. The OP does not pass the smell test. Smells fishy to me.


    People can make of comments what they will.

  • Nesivos
    Options

    Just another thought or two on this.


    Since the file is zipped it poses no risk in its current state. Since it is password protected it poses even less risk since it can not be accidently opened. What BD would do with this file if the password were entered and the file unzipped is unkown.


    I do not consider the OP to be a valid test of BD 2015 or in my case here BD W8 Security IDS. The file as downloaded in the *.rar file format is harmless.

  • IDS is less relevant under 64-bit windows than 32-bit because of the architecture differences. Until specific threats are written to counter the following measures, 64-bit Windows has better protection against certain risks out of the box than 32-bit.


    A Standard unmodified installation of 64-bit Windows requires signed drivers. Also the Memory Address Space is larger so the Address Space Layout Randomization used by programs to make it harder for hackers to exploit vulnerabilities has a larger resource to play with. Under 64-bit systems there is also Kernel Patch Protection aka Patchguard which helps prevent modification to the windows kernel. WOW64, the emulator used to run 32-bit programs also has limitations to help prevent root-kit infection for example and no 32-bit program runs in kernel mode at all with 64-bit windows.


    So a lot of the threats IDS works to prevent are already dealt with by these OS features. Because of the restrictions in place within the OS, it also can mean that some components of third-party security packages (like BDIS or coughKIScough to name two examples) themselves are unable to load the necessary drivers and components to run unless they are properly coded and signed to comply with Microsoft's pre-defined specifications for the operating system. For more in-depth or alternate explanations if you found mine confusing please use google.


    Thank You antikythera for taking the time to explain this. :-)

  • Nesivos
    Options
    IDS is less relevant under 64-bit windows than 32-bit because of the architecture differences. Until specific threats are written to counter the following measures, 64-bit Windows has better protection against certain risks out of the box than 32-bit.


    A Standard unmodified installation of 64-bit Windows requires signed drivers. Also the Memory Address Space is larger so the Address Space Layout Randomization used by programs to make it harder for hackers to exploit vulnerabilities has a larger resource to play with. Under 64-bit systems there is also Kernel Patch Protection aka Patchguard which helps prevent modification to the windows kernel. WOW64, the emulator used to run 32-bit programs also has limitations to help prevent root-kit infection for example and no 32-bit program runs in kernel mode at all with 64-bit windows.


    So a lot of the threats IDS works to prevent are already dealt with by these OS features. Because of the restrictions in place within the OS, it also can mean that some components of third-party security packages (like BDIS or coughKIScough to name two examples) themselves are unable to load the necessary drivers and components to run unless they are properly coded and signed to comply with Microsoft's pre-defined specifications for the operating system. For more in-depth or alternate explanations if you found mine confusing please use google.


    That is probably one of the reasons that BD 2015 has not yet been certified to work with W10 TP