Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each succ...

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
kxxxk SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each successful, but Secunia PSI still flags it
Member 8th Apr, 2009 20:14
Ranking: 0
Posts: 8
User Since: 8th Jan, 2009
System Score: N/A
Location: N/A
Last edited on 9th Apr, 2009 05:41

The full subject is: SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each successful, but Secunia PSI still flags it as insecure

Secunia PSI flagged SA34215 (KB960225) on my WinXP (Pro) SP3 system (as a Cat. 4) and "Download Solution" was used which led to Microsoft Update which was run and KB960225 was selected (among a few others) downloaded and installed successfully. However, in a rescan (necessarily of the entire system) the Secunia PSI flagging of SA3415 (KB960225) was unchanged. This time I went to the Secunia SA3415 advisory webpage (indicated as Cat. 3 there), went to page 2 and clicked on the "Apply Patch" link for Windows XP SP3. Using IE7, "Download" and then "Run" were selected, and this patch was downloaded and installed successfully also. I rebooted just to be sure, but a system scan by Secunia PSI still showed an "Insecure Program" flag for Windows XP Professional, Service Pack 3, which "online references" once again, as before, showed was SA34215 (KB960225).

Incidentally, _prior_ to the above, an eEye Blink Personal, Vulnerability Assessment flagged the same vulnerability (KB960225). _After_ the above, this vulnerability was no longer present when I redid that Vulnerability Assessment.

**Have others had Secunia PSI flag the operating system (WinXP Pro SP3) as insecure per a certain KB number vulnerability even after Microsoft and others have said it was successfully patched as far as that same KB number was concerned?**

wr RE: SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each successful, but Secunia PSI still flags it
Contributor 8th Apr, 2009 22:50
Score: 308
Posts: 736
User Since: 30th Mar 2008
System Score: 100%
Location: US
To locate the exact file that the Secunia PSI has detected, please follow these guidelines using the
ADVANCED interface:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
* Click on the + sign of the program to “expand’ it.
* Click on Technical Details in the Toolbox to see the installation path of the detected file.
* Remember the installation path and close down the menu.
* Click Open Folder and locate the detected file.
If the detected file is in a backup or installation location you may safely create a ignore rule so Secunia doesn't report it.

Regards, wr

--
HP Pavilion Slimline s3020n
Windows Vista Home Premium SP2 32 bit
AMD 64 Athlon X2
Firefox 24.4.0 ESR
The weakest link of a computer system is always sitting in front of the monitor.
Was this reply relevant?
+0
-0
kxxxk RE: SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each successful, but Secunia PSI still flags it
Member 8th Apr, 2009 23:19
Score: 0
Posts: 8
User Since: 8th Jan 2009
System Score: N/A
Location: N/A
In my experience a path is never given in "Technical Details" when the advisory involves MS Windows itself. This is[/i] true here also.
Was this reply relevant?
+0
-0
wr RE: SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each successful, but Secunia PSI still flags it
Contributor 8th Apr, 2009 23:31
Score: 308
Posts: 736
User Since: 30th Mar 2008
System Score: 100%
Location: US
Technical details


Technical details about this installation of Adobe Flash Player 10.x (ActiveX Control), you can use this information to determine why the Secunia PSI detected the program and the security state of it.

Version Detected:
10.0.22.87

Installation Path:
c:\Windows\System32\Macromed\Flash\Flash10b.ocx

Last Inspection of Program:
8th Apr. 2009, 18:54 CET

Close
This is what I'm talking about. I just copied & pasted so you could see what exactly I was saying. If you'll notice the second entry says "Installation Path:" & then shows said path.

Regards, wr

--
HP Pavilion Slimline s3020n
Windows Vista Home Premium SP2 32 bit
AMD 64 Athlon X2
Firefox 24.4.0 ESR
The weakest link of a computer system is always sitting in front of the monitor.
Was this reply relevant?
+0
-0
kxxxk RE: SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each successful, but Secunia PSI still flags it
Member 9th Apr, 2009 00:26
Score: 0
Posts: 8
User Since: 8th Jan 2009
System Score: N/A
Location: N/A
Please believe me when I say that the "Technical details" link in the "Toolbox" does not give the path in this instance. It does give the path for 3rd party applications like Adobe Flash Player 10.x . But in my experience it does not where the advisory concerns Windows (the operating system) itself. I cannot paste a picture here, but here is a cut and paste of the text contents of the "Technical details" sub-window that pops up when I follow your (otherwise very good) instructions in the case I am describing:

Technical details

Technical details about this installation of Microsoft Windows XP Professional, you can use this information to determine why the Secunia PSI detected the program and the security state of it.

Version Detected:
Service Pack 3

Last Inspection of Program:
8th Apr. 2009, 20:25 CET

This is followed by the "Close" button.

...and that is it!!!
Was this reply relevant?
+0
-0
wr RE: SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each successful, but Secunia PSI still flags it
Contributor 9th Apr, 2009 01:37
Score: 308
Posts: 736
User Since: 30th Mar 2008
System Score: 100%
Location: US
OK then-I am presuming that the OS is showing up in the PSI interface under the Patched setting? Have you opened the Insecure program setting? If it shows up there it's probably being detected on an installation partition or a backup partition-external drive?-if so just create a ignore rule so that PSI doesn't report it after a scan.

wr

--
HP Pavilion Slimline s3020n
Windows Vista Home Premium SP2 32 bit
AMD 64 Athlon X2
Firefox 24.4.0 ESR
The weakest link of a computer system is always sitting in front of the monitor.
Was this reply relevant?
+0
-0
kxxxk RE: SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each successful, but Secunia PSI still flags it
Member 16th Apr, 2009 01:35
Score: 0
Posts: 8
User Since: 8th Jan 2009
System Score: N/A
Location: N/A
Last edited on 16th Apr, 2009 01:54
**Have others had Secunia PSI flag the operating system (WinXP Pro SP3) as insecure per a certain KB number vulnerability even after Microsoft and others have said it was successfully patched as far as that same KB number was concerned?**

[Later] This is now a dead issue for me. With my recent Secunia PSI scan this "insecurity" no longer comes up.
Was this reply relevant?
+0
-0
wr RE: SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each successful, but Secunia PSI still flags it
Contributor 16th Apr, 2009 03:26
Score: 308
Posts: 736
User Since: 30th Mar 2008
System Score: 100%
Location: US
Good to hear that problem has been resolved.

Regards,
wr

--
HP Pavilion Slimline s3020n
Windows Vista Home Premium SP2 32 bit
AMD 64 Athlon X2
Firefox 24.4.0 ESR
The weakest link of a computer system is always sitting in front of the monitor.
Was this reply relevant?
+0
-0
Nopparat RE: SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each successful, but Secunia PSI still flags it
Member 16th Apr, 2009 03:53
Score: 0
Posts: 1
User Since: 16th Apr 2009
System Score: N/A
Location: N/A
on 8th Apr, 2009 20:14, kxxxk wrote:
The full subject is: SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each successful, but Secunia PSI still flags it as insecure

Secunia PSI flagged SA34215 (KB960225) on my WinXP (Pro) SP3 system (as a Cat. 4) and "Download Solution" was used which led to Microsoft Update which was run and KB960225 was selected (among a few others) downloaded and installed successfully. However, in a rescan (necessarily of the entire system) the Secunia PSI flagging of SA3415 (KB960225) was unchanged. This time I went to the Secunia SA3415 advisory webpage (indicated as Cat. 3 there), went to page 2 and clicked on the "Apply Patch" link for Windows XP SP3. Using IE7, "Download" and then "Run" were selected, and this patch was downloaded and installed successfully also. I rebooted just to be sure, but a system scan by Secunia PSI still showed an "Insecure Program" flag for Windows XP Professional, Service Pack 3, which "online references" once again, as before, showed was SA34215 (KB960225).

Incidentally, _prior_ to the above, an eEye Blink Personal, Vulnerability Assessment flagged the same vulnerability (KB960225). _After_ the above, this vulnerability was no longer present when I redid that Vulnerability Assessment.

**Have others had Secunia PSI flag the operating system (WinXP Pro SP3) as insecure per a certain KB number vulnerability even after Microsoft and others have said it was successfully patched as far as that same KB number was concerned?**

Was this reply relevant?
+0
-0
wr RE: SA34215 (KB960225) on a WinXP (Pro) SP3 updated 2 ways, each successful, but Secunia PSI still flags it
Contributor 16th Apr, 2009 04:30
Score: 308
Posts: 736
User Since: 30th Mar 2008
System Score: 100%
Location: US
To those who don't know how to ask a question on this forum-please please click on reply instead of quote & type in your question. Some of our inboxes are getting filled up with a lot of quotes with no questions asked. This is frustrating to us to say the least-we get a email thinking someone has a question or a solution to a problem only to find a quote with nothing in the rest of the box. I'm going to unsubscribe to this thread & any others where this problem continues-I have better things to do with my time than read the same quotes over & over as I'm sure other people do too.

wr

--
HP Pavilion Slimline s3020n
Windows Vista Home Premium SP2 32 bit
AMD 64 Athlon X2
Firefox 24.4.0 ESR
The weakest link of a computer system is always sitting in front of the monitor.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability