Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: can your PC be at risk from an item in a folder

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as resolved.
taffy078 can your PC be at risk from an item in a folder
Contributor 14th Jan, 2014 14:32
Ranking: 408
Posts: 1,335
User Since: 26th Feb, 2009
System Score: 100%
Location: UK
Let's say I saved a document in My Documents using a version of Adobe Reader that was later found to be at risk/compromised.

Let's say that a Secunia scan alerted me to the insecurity and installed a new and safe version of Reader.

(1) Is my PC at risk from the saved document i.e. does that document provide a route into my PC for hackers etc.

(2) Will PSI pick up that document?
(I think it will because many have posted here that despite uninstalling the old version, PSI is still flagging an issue - I've seen many solutions from Maurice along the lines of "expand the results to see where the issue is - you may have uninstalled the old version but is there anything in your wastebin/another folder in My Computer".)

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003

Post "RE: can your PC be at risk from an item in a folder" has been selected as an answer.
taffy078 RE: can your PC be at risk from an item in a folder
Contributor 18th Jan, 2014 10:49
Score: 408
Posts: 1,335
User Since: 26th Feb 2009
System Score: 100%
Location: UK
does anyone know - please?

or is this a stupid question?

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
ddmarshall RE: can your PC be at risk from an item in a folder
Dedicated Contributor 18th Jan, 2014 23:35
Score: 1208
Posts: 961
User Since: 8th Nov 2008
System Score: 98%
Location: UK
1. No. An attacker will use a specially crafted PDF to trigger a vulnerability in Adobe Reader which allows them to install their exploit. Once you have patched Adobe Reader, opening the PDF will no longer cause the vulnerability. Adobe Reader will either display the document in some way or terminate with an error message.

2. No. PSI does not scan PDFs. It only scans executable files to extract version information in order to tell if you have a patched version installed. Sometimes when a program is updated the previous version is retained or not deleted when it should be. A copy of the unpatched version might be in a backup location. PSI will find and report these old versions.

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+3
-0
taffy078 RE: can your PC be at risk from an item in a folder
Contributor 19th Jan, 2014 09:27
Score: 408
Posts: 1,335
User Since: 26th Feb 2009
System Score: 100%
Location: UK
much appreciated. Thank you.

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability