• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

Vulnerability / Delay in Program Control when logging in.

Have noticed a vulnerability / delay in Program Control rules when logging into Windows 8.1 and Norton Security version 22.5.0.124. I have Advanced Program Control OFF and have my own list of Program Control rules.

Within a minute of logging into Windows, any programs that do not have a rule can freely access the internet without any prompts from Norton Security to Allow or Block. Then, after approx one minute, Norton then blocks access and prompts me to choose Allow or Block.

As an example to test this, I use routerstats to monitor my internet connection. It does not have a rule to Allow or Block so Norton Security should really prompt me to Allow or Block. However after I log into Windows and run routerstats, it automatically begins to show router stats without Norton prompting. A minute later, routerstats shows that it has lost connection to my router and I then receive a prompt from Norton to Allow or Block. Once I Allow, the stats start appearing again.

This clearly shows that for a minute or so, things can bypass Program Control. Sounds like a vulnerability to me!

Replies

Kudos1 Stats

Re: Vulnerability / Delay in Program Control when logging in.

Are you using the Aggressive setting for Boot Time Protection within Norton?

Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

No, Boot Time Protection is as default = Off.
Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

...IMO .. FWIW....Automatic Program Control as you know is recommended. 
Do you observe same with APC = On ...?
 

Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

I'm not sure what APC = On would achieve other than just allow the program to access the internet without user intervention.

The issue in hand is - why is there a 'window of opportunity' for programs to access internet unchallenged and without first prompting user. Isn't that the whole point and 'feature' of Program Control and a firewall... Otherwise you may as well call it Norton Insecurity...

Kudos1 Stats

Re: Vulnerability / Delay in Program Control when logging in.

Hello

With Boot Time Protection set to Aggressive, you would get Norton protection sooner most likely.

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.17.3.50 Core Firmware 282 I E 11 Chrome latest version.
Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Hello.

I will give Normal Boot Time Protection a try and see if it solves anything. I'm a bit apprehensive though because Boot Time Protection is a function listed under Anti Virus and not Firewall category and the issue I am having is Firewall related and not Anti Virus.

Will update once I have checked to see if any apps 'leak' out through the firewall when I get a chance to restart or shutdown...

Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Hello

Also, please disable Fast Startup since you are using Win 8. Norton recommends it to avoid problems and so do a lot of other programs. Thanks.

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.17.3.50 Core Firmware 282 I E 11 Chrome latest version.
Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Yep, Fast Boot (or Hiberboot) definitely off! I discovered that from the days of Win 8 long before Win 8.1. It's one of the first things I turn off with any Win 8.1 install. Used to cause unnecessary chkdsk scans when PC thinks drive was not shutdown properly.

Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Have set Boot Time Protection to Normal and tested a few restarts and Program Control appears to be triggering sooner than before. Will monitor it and see how consistent it is.

A bit unusual that it's a setting under Anti Virus. Perhaps it should be under Administrative Settings instead..

Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Setting it to Aggressive will ensure Norton loads before anything else at boot time, so you're fully protected with that setting.

Windows 10 Home X 64
Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

ELAM was already enabled by default in my settings. Boot Time=Normal may be the answer but still testing it...
Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Yes, ELAM is On by default and Boot Time is Off by default > and FWIW = APC is On by default. 
Note: there is no export for Program Control Rules.  APC toggle resets program rules. 

Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Hello

When there is a version update, the custom Fire Wall rules will not be kept. In the past, I know they haven't been kept. I don't know about future updates.

Boot Time in Aggressive as I mentioned in my earlier posts will be better yet.

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.17.3.50 Core Firmware 282 I E 11 Chrome latest version.
Accepted Solution
Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Looks like Boot Time Protection = Normal is enough to prevent any leaks with manual Program Control. Cosmetically, it should be under Administrative Settings instead of AV settings if it affects both firewall and AV.
Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Hello SevenOfNine

I am glad that you solved your issue and thanks for marking the thread as solved.

On another note, are you an online gamer?

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.17.3.50 Core Firmware 282 I E 11 Chrome latest version.
Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Good to hear all is good again - glad I could get you in the ball park!

Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

@yank - Cheers! I looked through every button under firewall but didn't look under AV... Spock would be right to call it illogical!

@floplot - Thanks and no problem. No, I very rarely do online gaming, mostly offline.

Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Hello SevenOfNine

Did you used to come into GSA sometimes?

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.17.3.50 Core Firmware 282 I E 11 Chrome latest version.
Kudos0

Re: Vulnerability / Delay in Program Control when logging in.

Is it someone else with the same username there as I have to say - I don't even know what GSA stands for so not me sorry!

This thread is closed from further comment. Please visit the forum to start a new thread.