Is There Any Security Risk with Not Keeping HWINFO Updated?

Dave1001

Dave1001

Well-Known Member
I've been using HWInfo64 a bit less over the past few months but I don't want to uninstall since I do still regularly open it and use it when playing more demanding games


however, this means I've had to open it up and update it every month even when not using it. is there any security risks with leaving HWInfo behind a few updates for a while?


I know updates add new features and all but is it a security risk to leave the application un-updated? my current version is the October 11th release, so it'd only be a month behind at the moment


would appreciate any insight
 
Not necessarily, it depends on system. For example, Microsoft is tightening security in Windows and HWiNFO sometimes has to implement changes to comply with new rules, especially for kernel protection.
So one of such updates was just released in v7.66 but this currently should affect only a small number of systems.
 
Martin said:
Not necessarily, it depends on system. For example, Microsoft is tightening security in Windows and HWiNFO sometimes has to implement changes to comply with new rules, especially for kernel protection. So one of such updates was just released in v7.66 but this currently should affect only a small number of systems.
Click to expand...


sorry, I didn't get notified about the reply and it slipped my mind. I did just update to v7.66 but I had another security-related question, more so about the website



I don't run an adblocker, which is probably considered a bit foolish in this day and age, so obviously ads do show up on all sites. while rare, I know ads can execute malicious scripts without any user interaction, just by existing on the site


I doubt you can control what specific ads show up of course but how safe/secure is the download site in regard to these kinds of attacks, where ads can spread malware just by being on the page


when I'm on the download page, there's usually 1 or 2 ads in between one of the 3 download columns, an ad banner on the bottom and an ad on the left, and of course an ad that popups when downloading the software


like I said, I'm not really sure if you can actually control what ads appear on the site and all, so I doubt it's possible to say with 100% certainty, but would this be something to ever worry about? ads executing malicious javascript/code onto the site?


idk, I guess I just thought about this when seeing the ads and seeing a post on these forums asking if it was secure to jump from HWInfo64 to the update URL, because it would create an elevated process in the browser or something


granted that post was 10 years ago but it just got me thinking about how ads on websites can do that
 
That's right, we don't have full control over ads placed there nor we can review them all. We can block specific ads or providers (which we sometimes do) but only after those ads have been placed.
That's same for all publishers using Google ads - they are managed by Google, so it's Google's responsibility to check them. I believe they do so and at least verify them via the safe browsing list.
 
Martin said:
That's right, we don't have full control over ads placed there nor we can review them all. We can block specific ads or providers (which we sometimes do) but only after those ads have been placed.
That's same for all publishers using Google ads - they are managed by Google, so it's Google's responsibility to check them. I believe they do so and at least verify them via the safe browsing list.
Click to expand...
I figured so. besides that, is there any real reason why I see the aforementioned ads on the download site on my phone and Windows 10 system, yet they don't appear on my Windows 11 system? something to do with the OS? just found that odd


just got standard Windows Defender w/ no adblock on anything



anyway, I know it's irrational, but malvertising makes me uneasy but if you don't have many details about the ads then I guess there's not too much you can say. probably why an adblocker would be good, although I don't think they fully prevent the code that malvertising ads contain
 
If you're from a country subjected to GDPR and you got a prompt for privacy settings that you rejected, then some or all ads might be blocked.
Displaying a malicious ad can't load the malware into your system. You'd have to click such a malicious link and then depending on your system/software might also need to install it.
There's also another option - if you would go for HWiNFO64 Pro then you won't need to visit the site anymore as it handles the updates automatically without need to go to the download page.
 
Martin said:
If you're from a country subjected to GDPR and you got a prompt for privacy settings that you rejected, then some or all ads might be blocked.
Displaying a malicious ad can't load the malware into your system. You'd have to click such a malicious link and then depending on your system/software might also need to install it.
There's also another option - if you would go for HWiNFO64 Pro then you won't need to visit the site anymore as it handles the updates automatically without need to go to the download page.
Click to expand...
I'm in Australia; I checked with a different browser on the Windows 11 system and the ads are there. ig it's just Chrome, weirdly enough, even though Chrome is the browser I was observing these ads with on my Win10 system


and I am pretty sure that malvertising does allow the ad to potentially inject malicious code/problematic stuff simply by existing on the page without user interaction, although it's rarer I think. googling about malvertising gives surprisingly poor information


anyway, the main ads that would catch my attention are always at the bottom. bloatware and obvious scam/potential virus programs like WebCompanion by Adaware, and Driver Support BitDriver. both of which I'm certain have been reported to Google a lot


obviously I would never click on the ads but the idea of malvertising makes me wary sometimes. I've considered Pro in the past due to the ease of updating from the app itself
 
If one would use some other ad delivery services, "malvertising" could be an issue. But these ads are served via Google services where advertisers can't inject their code into the ad. The only potential danger lies in the target.
 
Martin said:
If one would use some other ad delivery services, "malvertising" could be an issue. But these ads are served via Google services where advertisers can't inject their code into the ad. The only potential danger lies in the target.
Click to expand...
I read up further on malvertising on MalwareBytes because it felt like an umbrella term ; I was right. obviously there's the classic case of clicking an ad and being taken to a malicious website, but what I was referring to is a 'drive-by download'


I believe those are less common nowadays but maybe that adds a bit more context as to what I was saying. the drive by downloads are the ones that implant code into the ad to automatically infect you when you load the site, and aren't usually detectable because it can't distinguish between the legitimate and malicious code



anyway, I understand there's all those ads there because of smth to do with the app being freeware? at least that's what I saw from an older post on the forum. I just wanted to check if there was some reassurance on the threat level of drive-by download malvertising
 
You must log in or register to reply here.
Back
Top