Author Topic: Unhandled Exception Live Update  (Read 8434 times)

Jim610

  • Newbie
  • *
  • Posts: 7
Re: Unhandled Exception Live Update
« Reply #60 on: January 02, 2023, 07:15:45 pm »
by configuring the antivirus to have the whole Addon Manager folder to the antivirus Exclusions, and turn the firewall off.

Really!  Any software that requires a user to do this stuff to function correctly, especially the Firewall, is not well written!  We should not be requiring switching off a security feature in this day and age, IMHO.
« Last Edit: January 02, 2023, 07:17:33 pm by Jim610 »

Seth2413

  • Jr. Member
  • **
  • Posts: 62
Re: Unhandled Exception Live Update
« Reply #61 on: January 03, 2023, 09:35:57 am »
There's no need to do any of this, just be sure you have the latest version of the installer and be sure your firewall antivirus is not blocking it, by configuring the antivirus to have the whole Addon Manager folder to the antivirus Exclusions, and turn the firewall off.

Can you provide a link to the software you mentioned, thanks

Umberto means the addonmanager.exe program that updates GSX Pro, its a seperate thing to what I have mentioned, go to flightsim.to and search addons linker - there are good vids on youtube to show how it works. 

rogermoore

  • Newbie
  • *
  • Posts: 27
Re: Unhandled Exception Live Update
« Reply #62 on: January 03, 2023, 10:03:25 am »
by configuring the antivirus to have the whole Addon Manager folder to the antivirus Exclusions, and turn the firewall off.

Really!  Any software that requires a user to do this stuff to function correctly, especially the Firewall, is not well written!  We should not be requiring switching off a security feature in this day and age, IMHO.

quite agree, GSX is a security nightmare.  the manual update is an .exe from a random file sharer web site.

virtuali

  • Administrator
  • Hero Member
  • *****
  • Posts: 51443
    • VIRTUALI Sagl
Re: Unhandled Exception Live Update
« Reply #63 on: January 03, 2023, 11:07:22 pm »
Really!  Any software that requires a user to do this stuff to function correctly, especially the Firewall, is not well written!  We should not be requiring switching off a security feature in this day and age, IMHO.

Because you never saw a screen like this before ? I guess Google Chrome is not "well written" ?



« Last Edit: January 03, 2023, 11:17:02 pm by virtuali »

virtuali

  • Administrator
  • Hero Member
  • *****
  • Posts: 51443
    • VIRTUALI Sagl
Re: Unhandled Exception Live Update
« Reply #64 on: January 03, 2023, 11:16:41 pm »
Quote
quite agree, GSX is a security nightmare.  the manual update is an .exe from a random file sharer web site.

Not sure what you are trying to say here: the Offline installer is hosted on Google, which is not a "random file sharer web site", with a backup link on Mediafire that even if it might be used to share files, is clearly a legit company that has been around for years and always replies to copyright complains so no, it's not a shady nobody.

There's obviously a very good reason why the Offline installer is not hosted on our site, and it's because the ONE and ONLY reason for the Offline installer to even exist, is to prevent the possible issue of not getting the latest version of a file because of your local Cloudflare node wasn't updated, which would possibly affect the Offline installer itself!

Since if we placed the Offline installer on an subdomain on our site not cached by Cloudflare, it might well possible that, too many people downloading the Offline installer from a single host would either slow it down to a crawl, if not crash it, the logical choice was to place it on something completely separate, that has enough bandwidth issue for everybody.

HeicoH

  • Full Member
  • ***
  • Posts: 135
Re: Unhandled Exception Live Update
« Reply #65 on: January 04, 2023, 12:21:12 am »
I followed this topic for a while and I have to agree: GSX is a security nightmare.

I sent the offline installer .exe file to a virus lab and they ran 5 virus detecting apps. 4 out of 5 identified the offline installer as a possible virus or containing code that typically is used by viruses respectivly.

So, please, Umberto, explain why all GSX files and folders have to be excluded from virus detection apps and why they only work correctly when you exclude them from firewall apps.
« Last Edit: January 04, 2023, 12:35:14 am by HeicoH »
My GSX test scenario (unless otherwise stated):
Sandbox environment
GSX v 2.9.1 (as of 20 Jan 2023)
Fenix A320, PMDG 737-800, ATR-72
EDDL (JustSim), EDDK (Aerosoft), both not Marketplace
GSX jetways disabled
no AI traffic
no antivirus or firewall software running
all apps started in admin mode

virtuali

  • Administrator
  • Hero Member
  • *****
  • Posts: 51443
    • VIRTUALI Sagl
Re: Unhandled Exception Live Update
« Reply #66 on: January 04, 2023, 12:48:36 am »
Quote
I sent the offline installer .exe file to a virus lab and they ran 5 virus detecting apps. 4 out of 5 identified the offline installer as a possible virus.

Something not many users know, is one kind of heuristic metric that antivirus products wanting to show they are able to catch more virus than the competition ( "before they are even classified!" ), is the number of submissions sent by users to those sites!

Their flawed assumption is: since we don't have the slightest idea what this program really does but, if lots of users don't trust it, maybe it *might* be really dangerous. That's way easier and cheaper than trying to properly detect real threats, which is way more complex and would require a very deep and very slow analysys that will be slower and slower the more viruses are found.

I already explained so many times the various industry standard measures we use to prevent false positives but, repetition sometimes is required:

- ALL our executable are digitally signed with a Microsoft Authenticode signature, which cost us yearly fees to be maintained, and it would have been revoked if we ever got caught spreading a real virus. When you complain to an antivirus company asking what to do to prevent your software to be mistakenly flagged as a thread, the first thing they suggest, is to...digitally sign it with a Microsoft Authenticode. But it seems some antivirus products trust more their flawed heuristic than that.

- In ADDITION to that, we follow another IEEE standard, called "Software Taggant", which is a standard promoted by several antivirus vendors, because they DO realize that False positives are bad for their business too, so they come up with that one, and it's another Digital signature that is designed precisely to help antivirus products to not mistakenly flag legit programs as threats. So, in addition to the Microsoft Authenticode signature, we ALSO have the Software Taggant digital signature too. But again, while this standard has been out there since 2011, it seems that even in that case, some antivirus trust their own heuristic more than the standard they promoted.

So yes, we are following all the best practices to prevent false positives, but there's no limit how bugged security software can be. During a Windows update, Windows Defender flagged ITSELF as a threat, and in another case it flagged Flightsimulator.EXE as a threat too, see here:

https://www.avsim.com/forums/topic/584937-exclude-the-flightsimulatorexe-from-anti-virus/

And the Firewall too:

https://forums.flightsimulator.com/t/windows-defender-firewall-blocks-some-of-the-features-of-this-app/376624

So, following your reasoning, is MSFS itself a "security nightmare", because it can also be blocked by Microsoft own security products, and it's common knowledge that it's best to add Flightsimulator.exe to the antivirus Exclusions too ?