Immunet Blog

The updater files for migration to Immunet Protect Beta 1.0.26 are now posted.  Migration can be done from any Immunet build from 1.0.14 up to current (1.0.25). You will be prompted for a reboot as we are replacing drivers with this install. Windows XP SP2 is not supported, only XP SP3 and up. Vista SP1 + and Windows 7 are also supported.

The primary changes in 1.0.26 are:

•  Fixed an installer issue where some driver failures were occurring on Windows XP SP3 systems.  
•  Changed our installation process to ensure cleaner removal and installation of drivers.
•  Changed our internal logging to add additional wide character support.
•  Addressed 54 additional issues reported in field from previous builds.
•  Added additional conviction logic into our back office.
• Rounded out support for OEM functionality.

If you are not currently having problems with your installation there is no reason to upgrade. If you are in doubt about whether to upgrade or not please mail Support and ask, we are happy to help.

Earlier in this month the Immunet team shipped and enabled a new engine to our Immunet Protect Beta. This Anti-Virus engine, titled ETHOS, is focused on helping us leverage our community to help protect our community. Essentially the engine looks for threats (heuristically) on the desktops of our community. If it finds a suspected threat it remediates it and then communicates about it (and sometimes the file itself) to our Cloud so the rest of the Immunet Community is protected from it instantly.

It's long been our opinion that the most dangerous malware our community faces is malware which is making the rounds in the 'here and now' . This 'active malware' is what we all need to be worried about. This is the stuff that you and those around you are most likely to encounter. Sounds like common sense right? It is, but the vast  amount of Anti-Virus signatures (well over 97%) created for most Anti-Virus products are created from traded malware collections (which are tired and old) or collected/crawled from malware web sites which are often fallow and no longer active. This results in most Anti-Virus products downloading millions of largely useless definitions a year. We believe it's the small minority of threats which are live and on the move which need your attention.

So with the small minority in mind we built ETHOS. I am going to present some data here for you put context around our findings.

General Threat Data (Based off the last 7 days)

• Every 24 hours we block 1910 (on average, outliers removed) threats
• We process (create cloud definitions) for 17,500 files a day. This malware comes from crawling and malware collections which we trade. We will refer to this as 'Cloud Processed' malware.
• We separately collect and process 50 threats a day (on average) from our ETHOS engine. This engine is only active on 7,120 users in our community this is about 10% of the whole user base.

So with these numbers in mind here is the story so far, of the 1910 threats we stop each day, 382 or 20% come from ETHOS.  So to put this into perspective graphically our overall processing looks like this:

Now, if we look at what our actual user base is seeing for 'in-field' protections it looks like this:

What you should take away from this is that ETHOS is contributing a wildly disproportionate amount of protection to our Community when compared to our other protection generation. This is with only 10% of the Immunet Community running ETHOS right now. As we grow ETHOS will see wider deployment and these numbers should become even more compelling.  

Clif Sipe over at Techie Buzz just gave Immunet Protect 1.0.25 a very thorough review that is worth a read. You can find the review here. The upshot is that we recieved a 4/5 rating from Clif who has been watching the product for a few months now.

Immunet Protect Beta 1.0.24 was recently put through its paces by the folks over at Malware Research Group (MRG). MRG is doing a well thought out monthly review of 30 anti-malware products to see how well they detect fresh, real world, active Rogue Anti-Virus programs.  The report titled “Rogue Software Infection Prevention Test, January” showed Immunet Protect Beta performed quite handily. In fact, we beat out both Microsoft Security Essentials and Avira  at detecting these in-field threats. It’s great vindication for our community (and the development team of course..), particularly given we are in beta with some ways to go before all of our detection engines are deployed!

All,

The updater files for migration to 1.0.25 are now posted. The updaters will install the new product, uninstall old product if you have it and then load your new drivers. Migration can be done from any Immunet build from 1.0.14 up to current (1.0.24). You will be prompted for a reboot as we are replacing drivers with this install. Windows XP SP2 is not supported, only XP SP3 and up. Vista SP1 + and Windows 7 are also supported.

The primary changes in 1.0.25 are:

• Fixed an installer issue where some driver failures were occurring on non-native English OS installs.
• Fixed an 'Offline Mode' issue related to DNS under certain platforms.
• Increased efficacy of the ETHOS engine and reduced it's memory footprint.
• Fixed an issue with the local system cache which causes some look-ups to fail.

The Immunet Protect Beta 1.0.25 32 bit Updater is:Here
The Immunet Protect Beta 1.0.25 64 bit Updater is:Here

Our intention is for this to be our last update for the product until our April release.