Reviews
Review: Qwik-Fix Pro
Qwik-Fix Pro
free through October
PivX
www.pivx.com
You probably already have some sort of protection from malware on your
computer or network (otherwise, it's unlikely that you're even able to
receive this newsletter). But even so, it's worth being open to new ways
to protect yourself. Qwik-Fix Pro is an implementation of one of the
more promising ideas I've seen lately, offering to protect you from
exploits before they exist.
Qwik-Fix is designed to operate on the vulnerability level, rather than
the exploit level. For example, some recent nasty worms used a hole in
the ADODB.Stream object to ship nasty code into the target system. That
particular hole was well-known in the security community for months
before the worm appeared. One of the things that Qwik-Fix does is
disable the ActiveX object in question, making the system invulnerable
to any worm that tries to exploit this particular vulnerability.
Qwik-Fix includes patches for a dozen or so such dubious Windows
features, from disabling the Messenger service to tweaking the security
settings for the My Computer zone. These patches are done dynamically
when you run Qwik-Fix, and you can turn them off at any time, either all
at once or individually, if you discover you're one of the rare users
who depends on the affected functionality. There's also an updating
function that lets you download new fixes.
There are two versions of Qwik-Fix. The first is for individual
computers, and you manage it by hand. The second is for networks, and
lets you deal with security settings and updates centrally. You can grab
the home version for free, or try out the enterprise version. While the
package isn't perfect (in particular, I wish it would better document
exactly what it's doing), it does add another layer of protection to
Windows. In my experience with the betas over the last few months it's
been inobtrusive and trouble-free.