|
|
Forum Thread: Acrobat reader 0day why is there nothing in PSI ?
You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.
This thread was submitted in the following forum:
Secunia PSI - Feedback and Questions
| celegorm
| Acrobat reader 0day why is there nothing in PSI ?
|
|
|
by celegorm on 27th Feb, 2009 09:52, last edited on 27th Feb, 2009 09:53
|
Posts: 8
User Since: 17th Dec, 2008
Secunia System Score: N/A
Location: N/A |
same pb as before with IE7 0day: PSI does not mention it in the insecure list.
I don't understand why : if the answered is that there is no patch available. what is the final goal of PSI ? help us to download patch or showing all the security flaw on installed applications ?
secunia do many things to secure PC but in hidding 0days and unpatched threat in PSI you do the worst: people think that their PC is secure, PSI report no threat and it is not the case.
|
|
|
| Underlien
| RE: Acrobat reader 0day why is there nothing in PSI ?
|
|
|
by Underlien on 27th Feb, 2009 09:59
|
Posts: 94
User Since: 4th Dec, 2008
Secunia System Score: N/A
Location: DK |
Since there is no patch for the problem the users of the program would have 2 choices:
1. Leave it alone and wait for a patch (what we are doing now)
2. Uninstall the program until there is a patch.
I think it could be cool if the PSI could make a new Subgroup for programs:
Known vulnerability but no fix yet.
Underlien
--
LG S900 Laptop
3GB RAM - Intel Dual Core 1.80 GHz
Ubuntu Linux 9.04
Virtual Machines running Windows Vista and Windows XP |
|
|
| celegorm
| RE: Acrobat reader 0day why is there nothing in PSI ?
|
|
|
by celegorm on 27th Feb, 2009 11:26
|
Posts: 8
User Since: 17th Dec, 2008
Secunia System Score: N/A
Location: N/A |
no need of a new category: it can be inserted in insecure list with an explanation: no patch available, you can desinstall it or wait for a patch...
PSI must not become a new false security tool with whom users think they have a secured environnement.
today it is the case and it not deserve Secunia.
|
|
|
| celegorm
| RE: Acrobat reader 0day why is there nothing in PSI ?
|
|
|
by celegorm on 28th Feb, 2009 09:55
|
Posts: 8
User Since: 17th Dec, 2008
Secunia System Score: N/A
Location: N/A |
anyone from Secunia to answered ? |
|
|
| BigDave_39
| RE: Acrobat reader 0day why is there nothing in PSI ?
|
|
|
by BigDave_39 on 28th Feb, 2009 10:03
|
Posts: 175
User Since: 26th Nov, 2008
Secunia System Score: N/A
Location: Washington, DC, US |
I think this is beyond the scope of what is the purpose of the PSI. The psi only notifies you about missing security patches - since there is no patch from Adobe then there is nothing to advise about.
I don't think this is a problem for the psi - this is only a problem for Adobe are their flawed politics for issuing patches.
--
Big Dave |
|
|
| Maurice Joyce
| RE: Acrobat reader 0day why is there nothing in PSI ?
|
|
|
by Maurice Joyce on 28th Feb, 2009 10:17, last edited on 28th Feb, 2009 10:17
|
Posts: 1,872
User Since: 4th Jan, 2009
Secunia System Score: 100%
Location: Salisbury, UK |
I agree with Big Dave. Secunia have posted two excellent articles:
http://secunia.com/advisories/33901/
http://secunia.com/blog/44/
The answers lies with Adobe to get their act together.
--
Maurice
HP Intel Pentium 4
Windows XP Home SP3
IE8 |
|
|
| celegorm
| RE: Acrobat reader 0day why is there nothing in PSI ?
|
|
|
by celegorm on 28th Feb, 2009 10:45, last edited on 28th Feb, 2009 10:45
|
Posts: 8
User Since: 17th Dec, 2008
Secunia System Score: N/A
Location: N/A |
PSI could report this kind of information without changing anything in PSI code.
PSI is useless if one of the apps installed can be used to hack the PC.
a tool that say all your application are safe and it's not the case is the worst thing. Secunia do a huge work and it's sad not to retreive it in its own great program (even in CSI(?)) |
|
|
| Bob_Primak
| RE: Acrobat reader 0day why is there nothing in PSI ?
|
|
|
by Bob_Primak on 1st Mar, 2009 09:29, last edited on 1st Mar, 2009 09:29
|
Posts: 45
User Since: 28th Feb, 2009
Secunia System Score: N/A
Location: Hinsdale, Illinois, US |
PSI could be configured to show that the Application is insecure, explain the risks, and advise in this case that the alternatives, like Foxit Reader, are not subject to this exploit. But PSI should report that there is as of now no better solution available. This has been done before.
--
-- Bob -- |
|
|
| celegorm
| RE: Acrobat reader 0day why is there nothing in PSI ?
|
|
|
by celegorm on 2nd Mar, 2009 17:00
|
Posts: 8
User Since: 17th Dec, 2008
Secunia System Score: N/A
Location: N/A |
my PC is still insecure and PSI tell me "all is fine dude"...
what a shame for a good security company like secunia.
|
|
|
| BertK88
| RE: Acrobat reader 0day why is there nothing in PSI ?
|
|
|
by BertK88 on 31st Jul, 2009 16:25
|
Posts: 2
User Since: 31st Jul, 2009
Secunia System Score: N/A
Location: N/A |
Someone knows if this is the case in NSI too? One could argue about home users, but for business users this information is critical.
Regards,
Bert
|
|
|
|
