Secunia
Login
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Thread: Reporting "insecure" for removed instances
You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.This thread was submitted in the following forum:
Programs
|
Relating to this vendor: Oracle Corporation |
And, this specific program: Oracle Java JDK 1.7.x / 7.x |
| kassoe | Reporting "insecure" for removed instances |
|---|---|
 |
11th May, 2012 12:08 |
|
Ranking: 0 Posts: 4 User Since: 11th May, 2012 System Score: N/A Location: DK |
Secunia PSI 2.0 keeps reporting "insecure" even though the instances have been removed. Machine runs Win7-64. The following are reported as insecure: Oracle Java JDK 1.7.x / 7.x Detected instances: C:\Program Files (x86)\Java\jdk 1.7.0_02\bin\javac.exe, version 7.0.20.13 Oracle Java JRE 1.7.x / 7.x Detected instances: C:\Program Files (x86)\Java\jdk 1.7.0_02\bin\java.exe, version 7.0.20.13 C:\Program Files (x86)\Java\jdk 1.7.0_02\jre\bin\javac.exe, version 7.0.20.13 C:\Program Files (x86)\Java\jdk 1.7.0_02\jre7\bin\javac.exe, version 7.0.20.13 None of the above appear as installed in the control panel. The files and the folders listed above do not exist (admin account, and I have also checked using command prompt window). Currently all Java visible from the GUI has been uninstalled. Have rescanned and rebooted/rescanned. What's the problem? |
Post "RE: Reporting "insecure" for removed instances" has been selected as an answer.
| Maurice Joyce | RE: Reporting "insecure" for removed instances | ||||||||
|
11th May, 2012 18:14 | ||||||||
| Score: 10492 Posts: 8,054 User Since: 4th Jan 2009 System Score: 100% Location: UK |
Are those vulnerabilities showing on the troubleshhot report after the latest reboot & full PSI recsan? FINDING A FILE PATH USING PSI VERSION 2 From the DASHBOARD page click on SCAN RESULTS. 1. This will list all your programmes with a + to the left of each programme. 2. Click the + sign next to the item that U want help with. 3. This will reveal the path under DETECTED INSTANCES. 4. Below DETECTED INSTANCES you will see this You can double click this row for additional information & options>double click it>a box will appear>look to the RIGHT & U will see TROUBLESHOOT REPORT in BLUE writing under the heading TOOLBOX> click TroubleShoot Report. -- Maurice Windows 7 SP1 64 Bit OS HP Intel Pentium i7 IE 10 for Windows 7 16GB RAM |
||||||||
|
|||||||||
| kassoe | RE: Reporting "insecure" for removed instances | ||||||||
|
|
11th May, 2012 19:44 | ||||||||
| Score: 0 Posts: 4 User Since: 11th May 2012 System Score: N/A Location: DK |
Hi Maurice, I followed the sequence you describe, except that I wrote up the error report manually. The troubleshoot report is copied below. After I uninstalled all instances and reinstalled the newest, I now see that Secunia has marked two of the installations with classification "zombie installation". I wonder if that just means that something is hanging in the registry. The actual installation directories don't exist as indicated by Secunia when I check my file tree from explorer.exe and from the command prompt. kassoe ---START--- Program Name: Oracle Java JRE 1.7.x / 7.x Security State: Patched Download Link: http://dl.secunia.com/SPS/JavaJRE_7u3_32-bit.exe Instances Found: C:\Program Files (x86)\Java\jre7\bin\java.exe, version: 7.0.40.22 C:\Program Files (x86)\Java\jdk1.7.0_02\bin\java.exe, version: 7.0.20.13 C:\Program Files (x86)\Java\jdk1.7.0_02\jre\bin\java.exe, version: 7.0.20.13 Last System Scan (localtime): 11. May 2012, 11:00 Operating System: Microsoft Windows 7, Microsoft Windows 7 ---END--- |
||||||||
|
|||||||||
| Maurice Joyce | RE: Reporting "insecure" for removed instances | ||||||||
|
|
11th May, 2012 21:12 | ||||||||
| Score: 10492 Posts: 8,054 User Since: 4th Jan 2009 System Score: 100% Location: UK |
Where U see detected instances in the Troubleshoot Report there are two yellow folders. Click the one WITHOUT the red dot. That will open Windows Explorer & show U exactly where PSI found those files. Right click to delete any U do not want including zombie files. A full PSI rescan should give the result U want. -- Maurice Windows 7 SP1 64 Bit OS HP Intel Pentium i7 IE 10 for Windows 7 16GB RAM |
||||||||
|
|||||||||
| kassoe | RE: Reporting "insecure" for removed instances | ||||||||
|
|
12th May, 2012 00:19 | ||||||||
| Score: 0 Posts: 4 User Since: 11th May 2012 System Score: N/A Location: DK |
Nope, a mouse-over does produce an "open folder" label but action does not follow. When I copy/paste the directory path in which the file(s) should be located, that directory and the containing directory does not exist. This is consistent with what I reported above. I did use the "rescan program" option. Without being an expert it to me still looks like some residual path from a bad uninstall is being found by Secunia. | ||||||||
|
|||||||||
| Maurice Joyce | RE: Reporting "insecure" for removed instances | ||||||||
|
|
12th May, 2012 01:20 | ||||||||
| Score: 10492 Posts: 8,054 User Since: 4th Jan 2009 System Score: 100% Location: UK |
It is not a mouse over action. Just to confirm did U complete this procedure? PSI indicates it is in that folder with the others. DELETING A FILE OR FOLDER USING PSI VERSION 2 1. Open PSI>Scan results. 2. Against the programme marked as vulnerable is a + sign to the left of it. 3. Click that & it will reveal DETECTED INSTANCES. 4. Below that are two yellow folders. Click the one WITHOUT a red dot. 5. That will open Windows Explorer & U will be able to see the vulnerable file. C:\Program Files (x86)\Java\jdk1.7.0_02\jre\bin\java.exe, version: 7.0.20.13 6. Right click on any files that require deletion. 7. Carry out a full PSI scan & all should be in order. Update 16 00:17 12/05/2012 -- Maurice Windows 7 SP1 64 Bit OS HP Intel Pentium i7 IE 10 for Windows 7 16GB RAM |
||||||||
|
|||||||||
| kassoe | RE: Reporting "insecure" for removed instances | ||||||||
|
|
12th May, 2012 12:30 | ||||||||
| Score: 0 Posts: 4 User Since: 11th May 2012 System Score: N/A Location: DK |
Thanks Maurice for insisting. I didn't realize that the icon itself was clickable (but I went there manually anyhow). User interface with the pop-up mouse-over label confused me. As for the the problem, it's gone now. No reports of zombie installations are left. The only thing I can think of is that I maybe have not before done a full restart of the machine and a full PSI rescan after the uninstall/reinstall. Maybe I only used "rescan this program". I'm sure I did full restart/rescan initially after uninstalling. So it appears the I had to do the following before I got it cleaned up: Full uninstall of all instances -> restart machine -> reinstall of newest Java -> restart machine -> full PSI rescan. | ||||||||
|
|||||||||
| Maurice Joyce | RE: Reporting "insecure" for removed instances | ||||||||
|
|
12th May, 2012 13:55 | ||||||||
| Score: 10492 Posts: 8,054 User Since: 4th Jan 2009 System Score: 100% Location: UK |
Pleased to see U are all fixed up. On that basis, I will lock this thread for U sometime tomorrow unless U post back asking for it to be left open. This will protect your mail box from possible update emails from "tag on" posts You can of course lock threads U have created. Just click the ACCEPT button in the post of the helper who offered U the best solution/advice to solve your problem. Secunia Support can always reopen threads by applying by email to: support@secunia.com -- Maurice Windows 7 SP1 64 Bit OS HP Intel Pentium i7 IE 10 for Windows 7 16GB RAM |
||||||||
|
|||||||||
