navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Repetitive security threat on program that does not exist

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
haybarn Repetitive security threat on program that does not exist
Member 1st Jun, 2009 15:29
Ranking: 0
Posts: 5
User Since: 16th Apr, 2009
System Score: N/A
Location: N/A
I run a dual boot of Vista 64 and Win 7 RC 64, with the latter the default (it is very stable). I do not have Firefox 2 installed on either OS. Firefox 3 is installed on Vista. No Firefox version is installed on Win 7. Secunia PSI keeps warning me of an insecure Firefox 2 on Win 7. There does not seem to be any way of turning this false threat warning off.

wr RE: Repetitive security threat on program that does not exist
Contributor 1st Jun, 2009 18:48
Score: 308
Posts: 739
User Since: 30th Mar 2008
System Score: 100%
Location: US

To locate the exact file that the Secunia PSI has detected, please follow these guidelines using the advanced interface:

* Click on the entry of the program to "expand" it.
* Click on Technical details to see the installation path of the detected file.
* Remember the installation path and close down the menu.
* Click Open Folder and locate the detected program

Regards, wr

--
HP Pavilion Slimline s3020n
Windows Vista Home Premium SP2 32 bit
AMD 64 Athlon X2
Firefox 31.3.0 ESR
The weakest link of a computer system is always sitting in front of the monitor.
Was this reply relevant?
+0
-0
haybarn RE: Repetitive security threat on program that does not exist
Member 1st Jun, 2009 19:40
Score: 0
Posts: 5
User Since: 16th Apr 2009
System Score: N/A
Location: N/A
I just installed PSI in the last week or so as a Win 7 application. It is not installed on my dual boot Vista OS, which I rarely use now and is certainly out of date threat-wise.

Results of your reply are interesting, and somewhat scary. Within Windows 7 RC "Simple" mode, PSI sees only the 1 Firefox 2 threat. It took care of everything else after I installed it. It traces FF 2 to disk W, which is the Vista partition. In "Advanced" mode, PSI adds another 18 threats, again, all found on the Vista partition.

Is there not a potential danger in letting PSI resolve threats across two OS partitions? Or is it designed to do just that while not mixing up the two "Program" folders on each system (32 bit X86 and 64bit).
Was this reply relevant?
+0
-0
wr RE: Repetitive security threat on program that does not exist
Contributor 1st Jun, 2009 20:05
Score: 308
Posts: 739
User Since: 30th Mar 2008
System Score: 100%
Location: US
Last edited on 1st Jun, 2009 20:06
Secunia PSI doesn't make any changes to your OS(s) it merely points out insecurities & reveals patches. Operating the PSI in the Advance mode uses a larger database & therefore is able to detect & report more insecurities or end-of-life programs. That may be daunting to some people but I personally see it as a + after all, the more known problems brought to attention the more secure we can make our system(s). If either of your systems were on a backup drive/partition I'd suggest just create a ignore rule but since you can access them so can the bad guys; therefore I suggest using the Advance mode & patching/removing all questionable programs. Using the Simple mode only gives a sense of false security. Believe me if I can use the Advance mode anyone can as I have a problem w/ point & click & point & shoot. And there's always several people here on the Forum to help you-just ask. Good luck & regards.

wr

--
HP Pavilion Slimline s3020n
Windows Vista Home Premium SP2 32 bit
AMD 64 Athlon X2
Firefox 31.3.0 ESR
The weakest link of a computer system is always sitting in front of the monitor.
Was this reply relevant?
+0
-0
haybarn RE: Repetitive security threat on program that does not exist
Member 1st Jun, 2009 20:11
Score: 0
Posts: 5
User Since: 16th Apr 2009
System Score: N/A
Location: N/A
Thanks WR. I don't mind advanced mode at all and will address threats across both platforms. I have backup syncs, images, etc. on external drives for each OS so no worries.
Was this reply relevant?
+0
-0
wr RE: Repetitive security threat on program that does not exist
Contributor 1st Jun, 2009 20:18
Score: 308
Posts: 739
User Since: 30th Mar 2008
System Score: 100%
Location: US
You're welcome, hope everything turns out well for you. As I said earlier, there's always help available here on the Forum and while it may not be instant, by subscribing to a thread you'll be notified eventually.

Regards, wr

--
HP Pavilion Slimline s3020n
Windows Vista Home Premium SP2 32 bit
AMD 64 Athlon X2
Firefox 31.3.0 ESR
The weakest link of a computer system is always sitting in front of the monitor.
Was this reply relevant?
+0
-0
haybarn RE: Repetitive security threat on program that does not exist
Member 7th Jun, 2009 16:32
Score: 0
Posts: 5
User Since: 16th Apr 2009
System Score: N/A
Location: N/A
Well, Secunia did what I was afraid of. It saw Firefox 2 on my Vista partition, even though Secunia was running in Win 7, where there is no trace of any Firefox version. When I ran "Download Solution" it installed Firefox 3, not in the Vista location, but in Win 7! I cannot trust its analysis in a dual boot system. It lists 18 insecure or out-of-date applications and plug-ins, most of which are in the Vista partition, but installs the "solutions" under Win 7, where they were already up-to-date or not wanted by me in the first place.

I like Secunia and have used it for a long time. This is the first time I've relied on it in a dual-boot configuration and it wants to apply fixes under the running system, not at the source where it identified the problems.
Was this reply relevant?
+0
-0
Maurice Joyce RE: Repetitive security threat on program that does not exist
Handling Contributor 7th Jun, 2009 23:22
Score: 11865
Posts: 9,101
User Since: 4th Jan 2009
System Score: N/A
Location: UK
You are correct. Secunia scans all fixed drives but only updates the "live" drive from the toolbox like any other vendor including Microsoft.

Because U are not using Vista U may wish to create an ignore rule for that drive.

By default,Secunia will continue to scan it but will not show the results or nag U.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
haybarn RE: Repetitive security threat on program that does not exist
Member 8th Jun, 2009 04:06
Score: 0
Posts: 5
User Since: 16th Apr 2009
System Score: N/A
Location: N/A
I'll do that - Thanks
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+