A drive-by attack lets malware infect a user who simply visits a website and does nothing else. These attacks exploit outdated, vulnerable software such as Java, Flash, Adobe Reader and web browsers. If you go to some popular underground forums, you will find quite a lot of exploit packs being sold. Basically, an exploit pack contains information or tools for hacking a computer through vulnerable software. This is one of the reasons software is constantly being updated, and why users are generally advised to keep their software up to date. In short, malware can infect your computer through software that has not been updated.

Do note that not every piece of outdated software can lead to a malware infection. If we don’t know which ones can, the best option is to keep all of the software installed on our computer up to date with the current release. The problem is that with so much software installed, it can be troublesome to make sure that each program is up to date and not vulnerable to attack. This is where Heimdal comes into play.

Heimdal checks and updates the vital programs that can cause malware infection, and therefore protects you against 99.8% of all attacks. Heimdal currently monitors the following applications, and the list is constantly being reviewed:

  1. CSIS Heimdal agent
  2. Internet Explorer
  3. Firefox
  4. Java
  5. Skype
  6. Adobe Flash
  7. Adobe Acrobat Reader
  8. Windows Media Player
  9. Apple QuickTime
  10. WinZip
  11. Microsoft MDAC (Microsoft Data Access Components)
  12. Adobe Shockwave

The main graphical user interface of Heimdal shows a smiley face with a barometer. If the smiley face is smiling with a score of 100, your computer is safe. However, if the score drops below 100, vulnerable software has been found that requires patching.

[Image: Heimdal Smiley]

Heimdal Agent runs automatically whenever Windows boots and sits quietly in the system tray, using very little memory (less than 5MB). There is no option to disable the autorun or to terminate the process. I tried killing Heimdal’s process from Windows Task Manager and it seems to be able to block it. The only way to stop Heimdal from auto-running and to end the process is to stop the Heimdal Service from services.msc.

I tried installing a few older versions of software, such as Adobe Acrobat Reader 9.3.4, Java 6 Update 17 (1.6.0.7) and Mozilla Firefox 3.6, to see what Heimdal would do. Heimdal detected the vulnerable versions and automatically started downloading the latest patches to update the software. Within a few minutes, Adobe Acrobat Reader was updated to 9.4.6, Java to 1.6.0.19, and Firefox to 3.6.24 without any user intervention. Updating Acrobat Reader to 9.4.6 takes a couple of rounds because the updates are incremental, starting from 9.4.0 and stepping through every sub-version until it reaches 9.4.6.

[Image: Heimdal Monitored Software]

Heimdal works differently from update-checking software such as UpdateStar, SUMo and RadarSync. Those update checkers report outdated software found on your computer and advise you to install the latest version (not the latest build). Heimdal, by contrast, doesn’t prompt you to upgrade unless the installed version contains a vulnerability. Some people may still want to stick with an older version of a program because the newer version might be bloated or the computer is too slow to run it.
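The difference between the two policies, as an added example that is not Heimdal's or any update checker's own code. The patched-build table reuses the versions this review saw installed as an assumed baseline, and the latest-release values are constructed.

```python
def parse_version(text):
    """'3.6.24' -> (3, 6, 24); numeric compare avoids '3.6.9' > '3.6.24'."""
    return tuple(int(part) for part in text.split("."))

# Constructed data. PATCHED_BUILD maps (product, branch) to the lowest build
# treated as patched on that branch (assumption: the versions the review saw
# installed). LATEST_RELEASE holds sample values for the newest release.
PATCHED_BUILD = {
    ("Adobe Reader", (9,)): "9.4.6",
    ("Firefox", (3, 6)): "3.6.24",
}
LATEST_RELEASE = {"Adobe Reader": "10.1.1", "Firefox": "8.0"}

def find_baseline(product, installed):
    """Return the patched build for the installed branch, or None if unknown."""
    for (name, branch), build in PATCHED_BUILD.items():
        if name == product and installed[:len(branch)] == branch:
            return build
    return None

def update_checker(inventory):
    """Update-checker policy: flag anything older than the newest release."""
    return {product: LATEST_RELEASE[product]
            for product, version in inventory.items()
            if parse_version(version) < parse_version(LATEST_RELEASE[product])}

def vulnerability_checker(inventory):
    """Vulnerability policy: flag only installs below their branch's patched build."""
    findings = {}
    for product, version in inventory.items():
        installed = parse_version(version)
        baseline = find_baseline(product, installed)
        if baseline is None:
            findings[product] = "unknown branch, review manually"
        elif installed < parse_version(baseline):
            findings[product] = baseline
    return findings

# Constructed inventories: before and after patching within the same branch.
OLD = {"Adobe Reader": "9.3.4", "Firefox": "3.6"}
PATCHED = {"Adobe Reader": "9.4.6", "Firefox": "3.6.24"}
```

On `PATCHED`, the update-checker policy still reports both programs while the vulnerability policy reports nothing, which is the behaviour the paragraph above describes.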

The PRO version, which costs US$55 per year, claims to offer further protection when you surf the Internet. I wasn’t sure how it is supposed to work because the methodology wasn’t stated very clearly on their website, so I contacted Heimdal. Peter Kruse replied saying that they focus entirely on detection of banking trojans (such as Zeus and SpyEye) and that the primary method is DNS blocking. Any access to malicious domains will be blocked by Heimdal and marked as a potential infection. This is a different approach from traditional antivirus or intrusion detection systems, which are battling crypters/packers and encrypted or obfuscated communication. This means that you can safely run Heimdal side by side with any antivirus.
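A sketch of the DNS-blocking idea described above, as an added example and not Heimdal's implementation: names are matched against a blocklist on whole-label boundaries, and clients that looked up a blocked name are listed for a malware check. The blocklist, log format and addresses are constructed and use reserved documentation ranges.

```python
from collections import defaultdict

# Constructed blocklist using reserved documentation domains.
BLOCKLIST = {"dropzone.example", "panel.badhost.test"}

def normalise(name):
    """Lower-case and drop the trailing root dot so comparisons are stable."""
    return name.strip().rstrip(".").lower()

def blocked_by(name, blocklist=BLOCKLIST):
    """Return the blocklist entry that covers name, or None.

    Matching walks whole labels, so a listed domain also covers its
    subdomains but never an unrelated name that merely ends the same way.
    """
    labels = normalise(name).split(".")
    for start in range(len(labels)):
        candidate = ".".join(labels[start:])
        if candidate in blocklist:
            return candidate
    return None

# Constructed query log: timestamp, client address, queried name.
QUERY_LOG = """\
2011-12-01T09:14:02 192.0.2.10 www.example.org
2011-12-01T09:14:07 192.0.2.23 cfg.Dropzone.example.
2011-12-01T09:15:31 192.0.2.10 notdropzone.example
2011-12-01T09:16:48 192.0.2.23 panel.badhost.test
2011-12-01T09:17:05 192.0.2.41 badhost.test
"""

def triage(log_text, blocklist=BLOCKLIST):
    """Map each client to the blocked names it asked for (possible infection)."""
    suspects = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip malformed lines rather than guess at their meaning
        _, client, name = fields
        if blocked_by(name, blocklist):
            suspects[client].append(normalise(name))
    return dict(suspects)
```

Only 192.0.2.23 is reported here: the look-alike name `notdropzone.example` and the parent domain `badhost.test` are not covered by any entry.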

Heimdal requires Microsoft .NET Framework 4 Extended (the full version) to run. If you’ve downloaded and installed .NET Framework 4 from Windows Update, that is actually the Client Profile version, which is not enough to run Heimdal. The Heimdal installer is able to detect this automatically and download the correct version for you.

Frederik Braad, the Head of Operations, has very generously sponsored an unlimited number of licenses for Heimdal Agent PRO, valid for 2 months. This is a very good chance for you to test out Heimdal Agent’s protection module, since they don’t normally have a trial period for that. To claim your free license, be a verified member of our forum and go to the giveaway page to request one. The license will be sent immediately via Private Message (PM). This offer expires on 1st of January.

    [ Download Heimdal | Official Website ]

    Thanks Patrick for sharing this software tip.

