Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: PSI 3.0 Programs That Need Updating (Show Details) / Browser Plugins

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as resolved.
lmacri PSI 3.0 Programs That Need Updating (Show Details) / Browser Plugins
Member 8th Jul, 2012 02:32
Ranking: 42
Posts: 87
User Since: 9th Sep, 2009
System Score: N/A
Location: CA
Before I upgrade to PSI 3.0, could anyone tell me what level of detail PSI 3.0 displays if you right-click on the icon of a program that needs updating and select the "Show details" option from the pop-up? For example, can you still see the installation path of the executable, a link to detailed information about the relevant Secunia Advisory, and whether the software is end-of-life vs. insecure? The PSI 3.0 Walkthrough video at http://youtu.be/iUmaLmO0gx0 explains how users can right-click icons to choose "Ignore updates to this programs" but doesn't mention anything about the "Show details" option.

And since PSI 3.0 no longer has a Secure Browsing feature, are browser plugins like Adobe Flash and the Java JRE listed in the top "Programs that need updating" section of PSI 3.0 when security advisories are posted about these plugins?

--
Vista Home Premium SP2 32-bit * NIS 2013 v. 20.5.0.28 * IE 9 * FF v. 31.0 * PSI v. 2.0.0.3003

Post "RE: PSI 3.0 Programs That Need Updating (Show Details) / Browser Plugins" has been selected as an answer.
E.Jeppesen RE: PSI 3.0 Programs That Need Updating (Show Details) / Browser Plugins
Secunia Official 9th Jul, 2012 14:35
Score: 220
Posts: 618
User Since: 24th Nov 2008
System Score: N/A
Location: Copenhagen, DK
Currently the “Show details” menu will provide you with the installation path, the name of the detected file and the exact version detected. Double-clicking the installation path will open Windows Explorer and take you directly to the folder where the detected file is located.

A link to the advisory is not available yet but will be added in a coming release of PSI 3.

Obviously, the PSI continues to inform you about vulnerable programs for which the vendor has released a patch. The “Secure Browsing” section however is not available in PSI 3.x.
throkr. RE: PSI 3.0 Programs That Need Updating (Show Details) / Browser Plugins
Member 9th Jul, 2012 14:40
Score: 72
Posts: 85
User Since: 22nd Nov 2009
System Score: 100%
Location: BE
Last edited on 9th Jul, 2012 14:41
on 9th Jul, 2012 14:35, E.Jeppesen wrote:
The “Secure Browsing” section however is not available in PSI 3.x.


Will this very useful option added again to PSI 3 in a future release ?
Thank you !



--
Win 8.1.1 Pro x64

OSS Pro - MBAM Pro - SAS Pro - Secunia PSI (2.0.0.3003)
Mozilla Firefox - Cyberfox (x64) - SRWare Iron

- All current versions & updates -
Was this reply relevant?
+0
-0
E.Jeppesen RE: PSI 3.0 Programs That Need Updating (Show Details) / Browser Plugins
Secunia Official 10th Jul, 2012 09:28
Score: 220
Posts: 618
User Since: 24th Nov 2008
System Score: N/A
Location: Copenhagen, DK
The "Secure Browsing" feature will not be added to PSI 3.x.
throkr. RE: PSI 3.0 Programs That Need Updating (Show Details) / Browser Plugins
Member 10th Jul, 2012 14:37
Score: 72
Posts: 85
User Since: 22nd Nov 2009
System Score: 100%
Location: BE
Thank you for this information.

--
Win 8.1.1 Pro x64

OSS Pro - MBAM Pro - SAS Pro - Secunia PSI (2.0.0.3003)
Mozilla Firefox - Cyberfox (x64) - SRWare Iron

- All current versions & updates -
Was this reply relevant?
+0
-0
dabruro RE: PSI 3.0 Programs That Need Updating (Show Details) / Browser Plugins
Member 10th Jul, 2012 16:20
Score: 0
Posts: 4
User Since: 28th Jan 2008
System Score: 96%
Location: US
on 10th Jul, 2012 09:28, E.Jeppesen wrote:
The "Secure Browsing" feature will not be added to PSI 3.x.


Many of us are disappointed about losing this functionality and have downgraded to 2..x, although of course this is not viable long-term.

Information about which software (esp. browser) has zero-day vulnerabilities is useful because we can be extra careful when using that software, or use an alternative, until a patch is available!

See http://secunia.com/community/forum/thread/show/129... for example.

I guess you chose to drop Secure Browsing because this is not considered a feature that an average user would want and it will be only in other products like CSI? Instead of dropping Secure Browsing, why don't you provide some advice for average users on how to mitigate the risk when there's a vulnerability with no patch avail.?

First of all just tell them to be extra careful not to frequent disreputable sites while this vulnerability remains unpatched, or even suggest installing a reputation add-on like WOT or SiteAdvisor. You could also identify antivirus products that are currently able to block exploits. Of course if it's the browser itself you could provide links to install a different browser (and maybe even how to migrate your bookmarks etc).

Or for example if it's a Flash vulnerability you could suggest installing something like FlashBlock add-on or changing IE internet zone settings. If it's Adobe Reader you could provide links to alternative pdf readers.

Or you could provide a link to a test page (if an exploit is published) where they can find out whether they are really vulnerable or whether their antivirus software or an add-on is blocking exploits.


--
D Rosen
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability