Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: One onther thing on PSI not identifying Chrome

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
jckinnick One onther thing on PSI not identifying Chrome
Member 18th Mar, 2012 23:01
Ranking: 6
Posts: 142
User Since: 21st May, 2010
System Score: N/A
Location: N/A
Just curious why Qualsy Browser Check picked up that i had a Java plug in zombie file and PSI didn't.


Referring to this thread


http://secunia.com/community/forum/thread/show/122...


Maurice Joyce RE: One onther thing on PSI not identifying Chrome
Handling Contributor 18th Mar, 2012 23:07
Score: 11710
Posts: 8,952
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Are U referring to PSI V 2.0.0.4003?

If so it has got a long standing bug in that it does not show all the browser items.

To get that information U require V 2.0.0.3003 if U have retained a download link (Secunia do not supply one)

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-0
jckinnick RE: One onther thing on PSI not identifying Chrome
Member 18th Mar, 2012 23:10
Score: 6
Posts: 142
User Since: 21st May 2010
System Score: N/A
Location: N/A
on 18th Mar, 2012 23:07, Maurice Joyce wrote:
Are U referring to PSI V 2.0.0.4003?

If so it has got a long standing bug in that it does not show all the browser items.

To get that information U require V 2.0.0.3003 if U have retained a download link (Secunia do not supply one)



Yeah 4003
Was this reply relevant?
+0
-0
Maurice Joyce RE: One onther thing on PSI not identifying Chrome
Handling Contributor 18th Mar, 2012 23:23
Score: 11710
Posts: 8,952
User Since: 4th Jan 2009
System Score: N/A
Location: UK
My first reply gave the answer. That version has a fault.

U can revert to version 2.0.0.3003 if U have retained your own installer file or use Qualy's Browser Checker as U are doing now for a full report.

Not sure of the relationship between your Thread Header & post. I am talking about JAVA as per the post.

I do not use third party browsers but as far as I know the Chrome stable version should be showing - perhaps Anthony will confirm that for U.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
Anthony Wells RE: One onther thing on PSI not identifying Chrome
Expert Contributor 19th Mar, 2012 17:11
Score: 2437
Posts: 3,323
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 19th Mar, 2012 21:46
Hi ,

To be clear , I do not run a Stable version of Chrome browser , however by chance my Stable version of Chrome Frame (an IE BHO as explained in the "other threads") happens to be displayed by the PSI ; in the Scan Results module it shows my Sun Java as Sun Java JRE 6.0.310.5 as fully patched and in the Secure Browsing module as "unpatched/no vendor solution" and subject to SA45173 .

Old/out of date versions of Sun Java JRE 6.x are potentially insecure and should be deleted ; if you have something showing as a "zombie" in either the PSI or Qualys , then you need to tell us the installation path in order to evalute the situation .

In your open Chrome browser you can (but only if you are careful) select the Spanner icon (top rhs) ->settings ->show advanced settings ->Privacy ->content settings ->plug-ins ->disable plug-ins and you will get a list of all your plug-ins . Scroll down to see Java ; I cannot tell you what you will see concerning Sun Java version 6 as I also have Oracle Java version 7 loaded and this is preferred/selected by me and Chrome .

You can see a similar display in Firefox and IE and in my experience the Browser internal display , the PSI display and the Qualys are the same (when the same programmes are covered) . Whatever , it is likely that if your old PSI was telling you pokies about Chrome then it might have been the same for Java ; so if your new PSI is giving you 100% green , I would leave well alone . I believe in "if it ain't broke don't fix it" rather than "tweak it some more" .

Hope that is clear .

Take care

Anthony

EDIT: VLC player has just (security) updated from version 2.0.0 to 2.0.1 , this has been detected by the PSI and by FileHippo but has not yet been picked up by Qualys : everything in it's own time .



--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability