navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
Open Discussions
My Threads
Create Thread

Forum Thread: Shockwave

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:

This thread has been marked as locked. Shockwave
Member 10th Jan, 2014 16:14
Ranking: 0
Posts: 2
User Since: 1st Jan, 1970
System Score: N/A
Location: N/A
CSI reporting major version only, not minor. The deployment to 5000+ PCs for all read and are listed as insecure. Scan is current for devices.

M.Strehse RE: Shockwave
Secunia Official 13th Jan, 2014 09:12
Score: 0
Posts: 13
User Since: 4th Mar 2013
System Score: N/A
Location: Copenhagen, DK
Hi There,

I have just installed version on one of my Testmachines after a quick scan the version is correctly detected.

How do you scan your devices ?

Best regards,

Maik Strehse
Solution Specialist
Secunia Shockwave
Member 13th Jan, 2014 14:37
Last edited on 13th Jan, 2014 14:37 We only import data from SCCM which has the correct version and a manual check of the EXE shows x.148 as well. Secunia seems to be reading it wrong. All 5000+ show adobe\shockwave\swinit.exe being
Was this reply relevant?
M.Strehse RE: Shockwave
Secunia Official 17th Jan, 2014 08:48
Score: 0
Posts: 13
User Since: 4th Mar 2013
System Score: N/A
Location: Copenhagen, DK
Hi There,

please contact our Customer Support Team at to have one of our technicians look at your environment and further investigation.

Best regards,

Maik Strehse
Solution Specialist
eobiont RE: Shockwave
Member 21st Jan, 2014 19:40
Score: 0
Posts: 6
User Since: 25th Oct 2012
System Score: N/A
Location: US
I have run into this problem myself. It is a reporting error, but the machines still seem to be taking the update. I suppose we will run into trouble when/if an update is released where only that last (4th) version part is changed and the first three parts remain. As far as I can tell, there is no version of 12.0.7 that is not r148 (

To be fair, I think this problem is not entirely Secunia's. Looking at the data collected by SCCM, the version information for SWINIT.exe gets reported like '12.0.4r144' or '12.0.7r148' This is found in the SoftwareFile table in SCCM's SQL database.

For now, it would probably be best if Secunia only considered the first three parts when detecting the patched status. Either that, or the process that imports the data from SCCM would need to be modified so that it converts 12.0.4r144 to

In Explorer, the version of the file is detected as but SCCM doesn't collect it that way. I can see both sides of this one. Secunia can only see the information that SCCM collects, but if Secunia wants to sell an SCCM importer, it should be able to translate the data in SCCM to what Secunia wants in their product.
Was this reply relevant?
This user no longer exists RE: Shockwave
Secunia Official 28th Jan, 2014 10:00
Last edited on 28th Jan, 2014 10:01 Hi,

Secunia CSC have seen similar issues occurring in rare occasions in the past, as there may be several reasons causing such mishandling of the metadata of your software. As we are unfortunate to be unable to replicate the same issue at our test lab, we kindly request customers experiencing this issue, or similar relating to another software, to report their cases to including short introduction to your observations, and if possible, screens and log files that factual confirm the issue and present relevant system information to us.

We like to thank you for your comments and suggestions so far. While the suggestion to detect the first 3 extensions of the version number sounds good, this is not the most efficient method to resolve similar problems because it's somewhat based on assumption that the last numbers always match (which may as well be changed on the fly by the vendor thus causing additional issues and not really solving the problem). Rather we tend to interpret incorrectly presented version numbers into the correct numbers by placing logic within our rules.

Please note that when scan data is received by the CSI, the latter compares the versions of the detected software against the Patched version numbers for that program (which is the next secure version). Whether CSI presented "12.0.7" or "" wouldn't matter as long as none of these is a secure version. They all get the same recommendation to patch to the same version. This means that SPS packages will not be affected by the version number problem and packages will install correctly. If CSI detects an Insecure program version as Patched, then this is a real problem to SPS patching.

We would once again highly recommend you to report your case to may as well request you to participate at a remote session which would aim to detect and resolve the issue on the spot. If we determine the issue, but we are unable to solve it, we will request our Dev team to investigate promptly.

We are looking forward towards receiving your email.

Kind regards / Stay Secure
Rosen Danailov / Security+
Secunia Customer Support

This thread has been marked as locked.

 Products Solutions Customers Partner Resources Company
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
Technology Partners
 About us

Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
Secunia © 2002-2015 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+