update security vulnerability

I recently went to update from rev. 3 to rev. 4.
So I downloaded rev. 4 and started it only to get the message that I had to uninstall rev. 3 first.
This leaves me naked without any firewall so I unplugged my network cable before rebooting.
When I wanted to install rev. 4 it told me that there was not network and it could not download anything.

What kind of security is this?
If there were any blocked apps or stealthed trojans they could easily do their dirty work while upgrading the firewall. Especially as the update needs a reboot in between.
I regard this as a major security flaw. >:(

The scheme should be something like this:

  1. Download the new software completely before uninstalling the old one
  2. uninstall then reboot with networking disabled
  3. automatically install the new rev.
  4. reboot with network enabled

As a workaround you can enable Windows Firewall. That’s what I always do when uninstalling and installing a new version of CIS.

okay so i’ve noticed couple probs with security on updater appl

  1. “installing” is downloading
  2. to create ultimate security when updating, add next button click to after download is complete(so i can pull off network cable before updating)

Try this!

:slight_smile:

yep, HeffeD ,but i don’t trust windows firewall enough on this and i’m just suggesting couple lil fixes coz it would really be more safe if developers could write next button to updater appl before install

There’s the offline installer :wink:

well thats just another cheap way to go around it