Ask Leo! #671 – What the CCleaner Hack Means to You

This Week

Another week, another hack. This week I share my thoughts on the CCleaner hack, as well as whether or not you can trust your service provider's own backups. I also look at good, free alternatives to Microsoft Office.

Busy Fall, Midwest Edition

Last week I mentioned that things break when I'm on vacation or super busy. This week the CCleaner hack falls into that bucket. Smile I hadn't planned on taking the time to write about it, but there were enough questions -- and hyperbole -- that it was warranted.

This week: Corgis! St. Louis! More correctly Purina farms, just outside of St. Louis, where the Pembroke Welsh Corgi Club's National Specialty is being held. Put in more traditional terms: Corgis from around the country will compete. No, none of my own, but I'm using helping out our breeder as an excuse for the trip.

What the CCleaner Hack Means to You


How about a word on CCleaner. Do you still recommend?

I do.

I don't believe in “one strike and you're out”. CCleaner remains a valuable tool for your computer maintenance needs…

… regardless of what is being said by some click-bait headlines.

What happened

For one month, downloads of CCleaner version 5.33.6162 included malicious software.

It's a company's worst nightmare. I'm constantly telling people to download software from the official download site to avoid unexpected add-ons in the form of PUPs and malware. When the official site itself is compromised, even that advice doesn't help.

Avast (the new owners of Piriform's CCleaner) has updated the product to remove the malware, and current downloads are safe. They're also in the process of determining the exact scope of the attack, who was vulnerable and to what degree, and what safeguards they need to avoid this type of thing happening again.

Initial indications are that while the malware has affected over two million machines, it's effectively been neutered. The malware itself did nothing malicious, other than act as a gateway for the potential backdoor installation of additional malware. The command-and-control servers used to make that delivery have been taken down. The current understanding is that this was a targeted attack on “select large technology and telecommunication companies”, according to Avast. Consumer machines were characterized as “uninteresting” to the malware.

What seems to have gone well

In my opinion, Avast has done a good job of publicly reporting the issues, and continuing to report on the progress of their investigation.

Of course this should never have happened, but as I've said before: there's no such thing as perfect security. What's arguably at least as important as good security is the quality, speed, and honesty in response to security issues that are discovered.

So far, Avast appears to be handling it well.

Disappointing headlines

I wish I could say the same for some of their competitors.

In recent days, I've seen at least two cases of companies I would characterize as being in competition with either Avast or CCleaner publishing headlines and “analysis” I can only characterize as hyperbole. Rather than addressing the specific issues encountered, and perhaps contrasting their own product in comparison, they seem to be using this event as an excuse to use the worst possible terms and impacts to characterize CCleaner (or Avast) as no longer trustworthy and something that should be immediately abandoned.

I don't agree. Not at all. So much so that my opinion of those other products has been somewhat diminished.

The worst-case scenario

One thing I've seen referenced is what I often refer to as the “nuclear option” when it comes to malware.

Specifically, some competitors have recommended that you completely reformat your machine and reinstall Windows from scratch if you happened to install the affected version of CCleaner.

In an absolute sense, that option is valid. Once you have malware on your machine, you have no idea what it might have done. But that's true for any and all malware, at any time and from any source. Why they happened to make that recommendation in response to this specific situation becomes highly suspect if they're not making it any other time.

At a more practical level, it's gross overkill, and in my opinion, unwarranted.

At worst, you might restore from a backup image taken prior to CCleaner's installation. Honestly, even that is overkill, and not something I recommend or will do myself.

What I recommend

My response to this is pretty simple, actually:

  • Update your copy of CCleaner, if you plan to use it, or simply uninstall your current copy. You can always reinstall later when you need the tool again.
  • Run up-to-date anti-malware scans. Your automated scans and updates may be enough, but to be on the safe side, have your security tool run a complete scan manually.
  • Stay alert to more news. If something more troubling is discovered, then take action in proportion to its severity. Right now, I'm not expecting anything major at all.

Most of all, I'm not recommending that you abandon CCleaner. It remains a good and useful tool.

As long as Avast's response continues to be appropriate, I see no reason to bail.

Related Links & Comments: What the CCleaner Hack Means to You

The Ask Leo! Guide to Online Privacy

There's no avoiding the issue: privacy issues are scary, complex, and even somewhat mystifying.

The Ask Leo! Guide to Online Privacy tackles these topics in terms you can understand. The Ask Leo! Guide to Online Privacy will help you understand what's at risk, what steps to take, and what to do when you're not sure.

The Ask Leo! Guide to Online Privacy

Can I Rely on My Online Service Provider's Backups?

I keep all my data in a cloud which is backed up automatically by the provider. Isn't that enough?

Almost certainly not.

If your data is kept only with that one online provider — be it email, online photo albums, online music collections, generic “cloud” storage, or more — there's a good chance you really have no backup at all.

The key is this: the backups online services make aren't for your protection at all; they're for the provider's.

Continue Reading: Can I Rely on My Online Service Provider's Backups?

What's a Good Free Alternative to Microsoft Office?

I've got an HP computer, a couple of months old, that came with Microsoft Office starter pre-installed. I tried to access the program and it won't come up. It tells me to go to Control Panel and repair, but I've had no success there. I've gone to the Microsoft site; still no luck. I tried again to open file, right-click, repair – nothing. Right-click compatibility – nothing. Help! I've gone to a past restore point and as a matter of fact, several. Nothing has changed. Help me please! Too late for today's report, but maybe sometime in the future. I can't afford to purchase Office. What in your opinion is the best free alternative for simple Word and Excel usage?

Microsoft Office is certainly the biggest player in the area of office applications. It's become the de-facto standard across the business world. It's also something Microsoft pushes fairly hard when you install Windows, by including the “starter” edition and the “Get Office” app in Windows 10.

There are many, many alternatives. Unfortunately, whether any of them are appropriate for your circumstance is impossible for me to say.

Let's review the list.

Continue Reading: What's a Good Free Alternative to Microsoft Office?

The Ask Leo! Tip of the Day

A feature exclusively available to Ask Leo! Patrons Bronze level & above.

More Ask Leo!

Become a Patron
Books - Business - Glossary
Facebook - YouTube - More..

Leo's Other Projects....

HeroicStories Since 1999, HeroicStories brings diverse, international voices to the world ' reminding us that people are good, that individuals and individual action matter. Stories - new and old - are published twice a week.

Not All News Is Bad - Each day I look for one story in the current news of the day with a positive bent. Just one. And I share it. - My personal blog. Part writing exercise, part ranting platform, it's where I write about anything and everything and nothing at all.

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at for their own FREE subscription!

Newsletter contents Copyright © 2017,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC

Posted: September 26, 2017 in: 2017
« Previous post:
Next post: »

New Here?

Let me suggest my collection of best and most important articles to get you started.

Of course I strongly recommend you search the site -- there's a ton of information just waiting for you.

Finally, if you just can't find what you're looking for, ask me!

Confident Computing

Confident Computing is the weekly newsletter from Ask Leo!. Each week I give you tools, tips, tricks, answers, and solutions to help you navigate today’s complex world of technology and do so in a way that protects your privacy, your time, and your money, and even help you better connect with the people around you.

The Ask Leo! Guide to Staying Safe on the Internet – FREE Edition

Subscribe for FREE today and claim your copy of The Ask Leo! Guide to Staying Safe on the Internet – FREE Edition. Culled from the articles published on Ask Leo! this FREE downloadable PDF will help you identify the most important steps you can take to keep your computer, and yourself, safe as you navigate today’s digital landscape.

My Privacy Pledge

Leo Who?

I'm Leo Notenboom and I've been playing with computers since I took a required programming class in 1976. I spent over 18 years as a software engineer at Microsoft, and after "retiring" in 2001 I started Ask Leo! in 2003 as a place to help you find answers and become more confident using this amazing technology at our fingertips. More about Leo.