Secunia
Login
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Thread: Yahoo! Music Jukebox 2.2.2.56
You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.This thread was submitted in the following forum:
Programs
|
Relating to this vendor: Yahoo! |
And, this specific program: Yahoo! Music Jukebox 2.x |
| binky01 | Yahoo! Music Jukebox 2.2.2.56 |
|---|---|
 |
10th Aug, 2011 22:19 |
|
Ranking: 0 Posts: 2 User Since: 10th Aug, 2011 System Score: N/A Location: US |
According to the PSI scan result: "The version detected of Yahoo! Music Jukebox 2.x was 2.0.0.134 while the latest version including one or more security fixes is 2.2.2.56." When I click on "Install Solution" it links to the Rhapsody Premium Music Subscription, which I don't want. The only references to 2.2.2.56 seem to be from 2008 & related to discussions of vulnerabilities. Any suggestions, or is 2.2.2.56 not a viable program. Thanks. |
Post "RE: Yahoo! Music Jukebox 2.2.2.56" has been selected as an answer.
| wr | RE: Yahoo! Music Jukebox 2.2.2.56 | ||||||||
|
10th Aug, 2011 23:08 | ||||||||
| Score: 298 Posts: 716 User Since: 30th Mar 2008 System Score: 100% Location: US |
Hi binky01 Here's what I found on Wikipedia: According to the Yahoo site, the software is no longer available for purchase, as it has been bought out by Rhapsody. All clients were switched during the middle part of 2008.[1] As of summer 2008, the Jukebox no longer streams online content. The Jukebox may still be used to manage purchased music and local music, but no longer connects to any online services. If one wants to continue streaming Yahoo! Music, they should proceed to music.yahoo.com and listen to "My Station" from the website. Hope this helps. Regards, wr -- HP Pavilion Slimline Windows Vista Home Premium SP2 32 bit AMD Athlon 64 X2 Firefox 17.0.6 ESR The weakest link of a computer system is always sitting in front of the monitor. |
||||||||
|
|||||||||
| Anthony Wells | RE: Yahoo! Music Jukebox 2.2.2.56 | ||||||||
|
10th Aug, 2011 23:09 | ||||||||
| Score: 2324 Posts: 3,203 User Since: 19th Dec 2007 System Score: N/A Location: N/A Last edited on 10th Aug, 2011 23:19 |
Hi , The Secunia Advisory SA28757 seems to indicate that there is a vulnerability affecting versions up to and including version 2.2.2.056 :- http://secunia.com/advisories/28757/ This dates back to 2008 and suggests updating to the latest version - not specified . Whether there is a "latest" version I cannot say , but a quick search of the web only produces version 2.0.2.056 .**** It is an old programme and appears to be supported if the PSI is saying it is "insecure" and not "End of Life" ; or is it showing as "EOL" ?? Post the details as provided by the troubleshoot report :- http://secunia.com/vulnerability_scanning/personal... Anthony EDIT**** : hereis a link for 2.2.2.058 , it do not know if this is a reputable site , so beware :- http://www.filecluster.com/downloads/Yahoo-Music-J... -- It always seems impossible until its done. Nelson Mandela |
||||||||
|
|||||||||
| binky01 | RE: Yahoo! Music Jukebox 2.2.2.56 | ||||||||
|
|
11th Aug, 2011 13:54 | ||||||||
| Score: 0 Posts: 2 User Since: 10th Aug 2011 System Score: N/A Location: US |
Hi Anthony, This is showing as EOL. Does that make a difference? |
||||||||
|
|||||||||
| Anthony Wells | RE: Yahoo! Music Jukebox 2.2.2.56 | ||||||||
|
|
11th Aug, 2011 15:21 | ||||||||
| Score: 2324 Posts: 3,203 User Since: 19th Dec 2007 System Score: N/A Location: N/A Last edited on 11th Aug, 2011 15:25 |
Hi binky , You locked this thread by clicking the "Accept" button below wr's post . I asked Secunia support to re-open it so I could answer your question . Once you are completely happy that all your questions are answered , you can re-lock the thread clicking/using the "Accept" button under any post (usually the one which helped you most) ; this stops tag-on posters and spam posters filling your mail box with useless update emails . To answer your question :- If the PSI says it is "insecure" and you can update it , then such a programme is supported by the vendor and you , them and the PSI can keep you patched and up to date . Of course , sometimes , there is a known insecurity/vulnerability for which there is no patch yet available as is the current situation with Java JRE U26 . You cannot patch the problem as yet , so you just need to be extra careful in using anything that accesses/needs Java to work . Extra information (for more expert users) is found in the "Secure Browsing" module of the PSI . An "EOL" means the vendor has stopped supporting the programme and any future problems will not be tracked and you will not be advised of any potential/actual problem arises . This means that with time the bad guys may get into programme and so your system . Reading what is said in the extract from Wiki (posted by wr) , it seems that even though the programme has a known "insecurity as per SA28757 :- http://secunia.com/advisories/28757/ you can no longer go online to websites and so that would reduce your exposure to risk and only using it for music you already have downloaded to your machine would also seem to give limited exposure to danger . Going anywhere new and listening to new stuff would increase the danger . Only you can decide whether the risk of keeping the programme is acceptable to you . If you choose to keep the programme you can set an "ignore rule" so that the PSI no longer displays the programme in the scan results ; not a decision to be taken lightly . Please ask if anything is not clear . Anthony -- It always seems impossible until its done. Nelson Mandela |
||||||||
|
|||||||||
