Since the 3/6, Again again again again - No Capricorn-updates!!

MNielsen
MNielsen Posts: 70 Active Engager
edited December 2023 in F-Secure Total

Have you left the building?

Should I use Windows Defrnder?

Should I use AVG Free?


Do something!

Accepted Answer

  • Firmy
    Firmy Posts: 1,626 Community Manager
    Answer ✓

    I just wanted to mention that the new database update was released on June 5th, 2023. While there might occasionally be a slight delay in the release of updates, I want to assure you that F-Secure products are equipped with the Security Cloud function. This means your device will be continuously protected 24/7, even if there is a delay in the database update.

    If there's anything else you need assistance with, please don't hesitate to let us know. We're here to help and would be more than happy to assist you.

    Thank you once again, and have a wonderful day.

Answers

  • Ukko
    Ukko Posts: 3,617 Superuser

    Hello,

    // in case your experience is about something else; I am assuming you have received all the updates mentioned in dbtracker.f-secure.com;

    First of all, I agree that the "normality" of not having or reducing the frequency of updates during the weekend is just an excuse. It is always important to receive updates for a security solution as fast as possible and as often as reasonable, especially if it is brings better protection after all. And the traditional 'signature'-based approach is included (and, probably, at the time it was the most important point). Perhaps some Labs do this and really 24/7, without limitations, days off or holidays. Probably depends on the quality, facilities and resources of the Lab. As well as a stream of samples from users.

    Nevertheless, that is why F-Secure made the implementation of DeepGuard first (an advanced solution in its time), Ultralight design and Security Cloud approach (as Cloud-based solution) then. Always be "up to date" and always give fresh information to the user. Regardless of the usual offline database or signature/enhanced methods. Almost automatically.

    Also, Capricorn engine is not the only and not the most significant in the whole security core. I mean, this gives a very reliable and robust addition to protection, but the absence of "updates" of the database (signatures or generic detections) for some short period of time for "normal" reasons (and not as was the case with the example with deliberately withdrawing them due to raising false positive shortly before) is not the most dangerous. Because F-Secure Security Cloud will still have "real-time" information about known threats and have some statistics for other modules (like DeepGuard, for example).

    Then, I can to think about some points:

    • since the theme was touched on (in other topics) - this, of course, can be funny; but in a general sense - on weekdays "malicious actors" are really more active and fresh "items" can appear more often. Most of them are aimed at business users (offices, companies). Therefore, both spam-letters and checking mail on weekdays are all an opportunity to discover something previously unknown. Home users (in the absence of targeted attacks) will more often come across something already "long" known, or it will be so rare that the "frequency" of the update will not play a role. And although my opinion is not substantiated by anything significant, but when F-Secure provided real-time detection map. I sometimes looked and saw that over the weekend - the number of detections was very much reduced and was mainly about the most popular threats and those detected by basic generic signatures. And something "unusual" was more often found on weekdays.
    • second, just consider the risks. Let's say there were no Capricorn updates today. What is the threat? A malware created today? If so - for it to get into the Capricorn engine, at least it needs to be known to Labs (gathered by specialists or received from someone). Or a certain number of users had in their system (with no detection at this point). And if this something is not detected by other layers of protection (that is, item represents some kind of advanced level) - it should arouse suspicion and the like; and only then can be analyzed/detected by Capricorn engine. Thus, it can be assumed that updates for the Capricorn engine are more often about two or three days old threats (or even older). Less often, something today. At the same time, more often updates can be just an optimization. For example, to improve this or that detection system or to correct generic detection for a more accurate or "large-scale" effect. While other engines and the entire design of F-Secure protection will still provide a protection based on their real-time information, which is accumulated in Cloud; and so always up-to-date (discarding cases with bugs or technical problems).
    • by using some other mentioned AV solutions you can meet unexpected problems with privacy and similar things. So it's best to always read their Terms and Policies.
    • I don't know how F-Secure Labs works. But, probably, such pauses are due to the fact that the Capricorn engine is built in a sense on an OEM solution. Therefore, there may be some "technical" difficulties in sending/receiving a complete update package. And those.. things that are already prepared in such a package are already used by Security Cloud for the verdict, even if not yet available as part of the Capricorn database update. However, I have seen from my own experience and read in reviews / comments that the processing of sent samples did not take place on the weekend or was longer (maybe due to the smaller number of specialists on duty and no less flow of items for analysis).

    Actually, all I wanted to say is this:

    • If you come across something really fresh (of threats) over the weekend. Then even on weekdays and with Capricorn updates, you will need to rely on other layers of protection. Because it is unknown yet.
    • Most likely, you will come across something not so fresh (and maybe even more than a week old). In this case, the Capricorn engine already knows this and updates have already been received.
    • There will be a (small) number of users who may be affected by malware before it is known to be dangerous. If we are talking about something not very easy to detect.

    Have you ever experienced such pauses during the week (except weekends)? Because I am not sure about answer for "Is Weekend Up-To-Date?", but the decrease in activity on weekends is more understandable than on weekdays.

    Thanks!

  • MNielsen
    MNielsen Posts: 70 Active Engager
    edited June 2023

    And still no updates - not even for Hydra, DeepGuard, Virgo, and all the others... They latest got updates on the 2/6 and the 2/3. These ones always normally gets updates when Capricorn is paused...


    It's allways in the weekends, or up to the weekends. and in a longer period, it has been a shorter pause - only one day without updating.


    the last time, it took seveal days because it was some false/positive reaction from the program something about it blocked websites without any danger.


    And other times it was because of maintenance of the server. Do they really have ONLY one, single server? And can't switch to another during maintenance?

  • MNielsen
    MNielsen Posts: 70 Active Engager

    Now, there was a... Not heavy uppdate - only an Ultralight update..... So, the updater IS working.....

  • Firmy
    Firmy Posts: 1,626 Community Manager

    Hello @MNielsen @Ukko

    Thank you for your post and comment.

    Rest assured, your devices continue to remain protected as our Security Cloud is still active, delivering the best and most up-to-date protection for you. The engine databases work alongside the Security Cloud to provide supplementary layers of protection.

    What is Security Cloud? - F-Secure Community

    F-Secure_Security_Cloud.pdf

    To address the concerns raised by some of our users regarding update delivery, we want you to know that our team has identified the issue's source and is actively working on a solution.

    We sincerely appreciate the feedback from our users.

    Please know that we take this matter seriously, and we have engaged the appropriate teams to ensure a prompt resolution.

    Rest assured, we will keep you informed once the update is released and the issue is resolved.

    We kindly ask for your patience and understanding as we continue to work diligently to resolve this issue. Your support and understanding are greatly appreciated.

    Thank you for your understanding, and we wish you a wonderful day.

  • MNielsen
    MNielsen Posts: 70 Active Engager

    That was about time... At last, a Capricorn-update arrived to F-Secure.......

This discussion has been closed.