Welcome
Welcome to vistafirewallcontrol

You are currently viewing our boards as a guest, which gives you limited access to view most discussions and access our other features. By joining our free community, you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content, and access many other special features. In addition, registered members also see less advertisements. Registration is fast, simple, and absolutely free, so please, join our community today!

Updating Store/Metro Apps

Updating Store/Metro Apps

Postby metal450 » Thu Jan 05, 2017 3:33 am

So it looks like whenever you update a Metro/Store app, it changes its path. As a result, it gets re-detected by the firewall as a new .exe, get added to the list, you re-assign the zone, and delete the previous version's entry. Just wondering if there's any way around this, to make updating Store Apps a bit more seamless - or you just have to do this for each app each time?
metal450
 
Posts: 50
Joined: Tue Dec 20, 2016 6:19 pm

Re: Updating Store/Metro Apps

Postby VistaFirewallControl » Thu Jan 05, 2017 11:56 am

WxFC protects running processes. Every process is determined by EXE file created the process.
Every EXE file has a (unique) full path. So a different path – a different process – a different entity to protect (list and detect).
If exe path is changed the firewall just has nothing to do and just detects the application as new.
Unfortunately we have no a strict idea at the moment for how to be sure that a new EXE path belongs to strictly the same (but updated) application.
Anyway thank you for noticing, the problem is inserted in our todo list.
VistaFirewallControl
Site Admin
 
Posts: 1492
Joined: Fri Mar 27, 2009 11:25 am

Re: Updating Store/Metro Apps

Postby metal450 » Thu Jan 05, 2017 6:24 pm

Yeah, I figured that would be the case - just thought I'd ask, as it seems like this may have come up before.

As a possible suggestion, then: it looks like these Metro apps have pretty predictable paths, i.e.
C:\program files\windowsapps\teamviewer.31414b719fa93_12.0.100.0_x86__89446h4zmeyyt\teamviewertouch.exe
C:\program files\windowsapps\facebook.317180b0bb486_91.663.61525.0_x86__8xx8rvfyw5nnt\winuapentry.exe

So if a new network activity is detected from an app at i.e.
C:\program files\windowsapps\facebook.(SomeHashValue)_(SomeVersionNumber).0_x86__8xx8rvfyw5nnt\winuapentry.exe

...And there was a previous app in the firewall list at a similar path with a different SomeVersionNumber, which is now missing from the system, that seems like very high likelihood that it was an update to that app. It could then display a dialog that just says something like:

"It looks like the Metro app "teamviewer" has been updated. Would you like to remove the previous entry in the Firewall application list, & replace it with a new entry?
Old path:
New path:
<yes> <no>

:)
metal450
 
Posts: 50
Joined: Tue Dec 20, 2016 6:19 pm

Re: Updating Store/Metro Apps

Postby VistaFirewallControl » Fri Jan 06, 2017 12:19 pm

>As a possible suggestion, then: it looks like these Metro apps have pretty predictable paths, i.e.

Such solution is obvious, but predictable path can’t guarantee the same application.
Imagine, any malware aware of such behavior could just write its entity into the predictable path and viola, the unwanted access is guaranteed.
Unfortunately it looks like it’s the only workaround possible.
We will try to implement something like that.

And you are right, absence of the previous version can be a good sign to perform the permissions “update” smoothly. Thank you.

>It could then display a dialog that just says something like:

Not sure about the need of the dialog.
Your genuine intention was making the update smooth.
May be there is a sense to make it silent (popup-less).
What do you think?
VistaFirewallControl
Site Admin
 
Posts: 1492
Joined: Fri Mar 27, 2009 11:25 am

Re: Updating Store/Metro Apps

Postby metal450 » Fri Jan 06, 2017 6:04 pm

>>Not sure about the need of the dialog.

The prompt is because, as you said, there's no 100% guarantee that it's intentional/desired and not i.e. malware. With a prompt, the user is ultimately given the choice of "yeah, I believe it was updated" or "no, this is a trick!".

>>Your genuine intention was making the update smooth.

Simply clicking "yes" in a prompt is still much quicker & smoother than having to check which zone was applied to the old app, applying the zone, applying custom name for the new entry, removing the previous entry :) If you're concerned about making it totally transparent, it could always be an option in settings, i.e. "automatically accept new paths for Metro apps (more user friendly, but small potential for malware," so the user can decide their level of trust. In my case though, I'd definitely choose the single-click to confirm approach.

Another reason for explicit is just to be aware when my config is changing, as I always keep an exported copy of my config; if I wasn't aware that it changed, I wouldn't know that my exported copy is no longer current, etc.
metal450
 
Posts: 50
Joined: Tue Dec 20, 2016 6:19 pm

Re: Updating Store/Metro Apps

Postby VistaFirewallControl » Fri Jan 06, 2017 7:03 pm

Thank you, it's reasonable
VistaFirewallControl
Site Admin
 
Posts: 1492
Joined: Fri Mar 27, 2009 11:25 am


Return to Specific behavior

Who is online

Users browsing this forum: No registered users and 0 guests

cron
suspicion-preferred