Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Insecure report

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Microsoft
And, this specific program:
Microsoft OneNote 2003

This thread has been marked as locked.
taunton_Bill Insecure report
Member 12th Jun, 2009 00:39
Ranking: 0
Posts: 2
User Since: 12th Jun, 2009
System Score: N/A
Location: N/A
Secunia reports that c:\Program Files\Microsoft Office\OFFICE11\ONENOTE.EXE is insecure. I have checked that all security fixes are installed using both Microsoft Update and Link from Secunia report page. This returns message that update is already installed and rescanning does not clear warning. My version of OneNote is 11.0.8165.0. Anyone know waht the problem may be?

Old Phil RE: Insecure report
Member 12th Jun, 2009 01:31
Score: -1
Posts: 45
User Since: 19th Apr 2009
System Score: N/A
Location: Jamesport, US
A simple fix for a MS mistake!
http://secunia.com/community/forum/thread/show/189...
/powerpoint_office_powerpoint_viewer_2003_highligh ted_as_insecure


--
Home built fairly loaded box ASRock ConRoe1333-D667, 3.4 Intel Dual core, 2G ram, XP Home SP3 Linksys WRT160Nv2 router

733 Dell 512MB ram XP Pro SP3
Acer Aspire One baby lap top

100% Securnia score
Was this reply relevant?
+0
-0
taunton_Bill RE: Insecure report
Member 12th Jun, 2009 10:00
Score: 0
Posts: 2
User Since: 12th Jun 2009
System Score: N/A
Location: N/A
Sorry maybe being a bit thick, do not see how linked thread solves my problem.
Was this reply relevant?
+0
-0
Anthony Wells RE: Insecure report
Expert Contributor 12th Jun, 2009 11:43
Score: 2445
Posts: 3,333
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 12th Jun, 2009 11:50
If you check the other threads about Office , powerpoint and PPT you will see that you are not alone.
It seems to me that the link suggests a workaround by renaming/tagging the offending file if you are 120% sure it is properly patched . There also seem to be other "solutions" , you"ll have to search for the one that works for you.

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
tbaley RE: Insecure report
Member 14th Jun, 2009 06:40
Score: 2
Posts: 2
User Since: 26th Nov 2008
System Score: N/A
Location: N/A
Last edited on 14th Jun, 2009 06:42
Same problem here with OneNote. No matter what I do, short of deleting OneNote, Secunia reports it as an old, insecure version. However, it is the new, secure patched version from MS. Seems like a false positive.

Had the same problem with Firefox Portable, WireShark, and Tight VNC, all of which come on the portable Computer Repair Kit. Secunia did not like them. With Portable Firefox, it IS definitely the latest version.
Was this reply relevant?
+0
-0
JDW RE: Insecure report
Member 14th Jun, 2009 22:06
Score: 0
Posts: 5
User Since: 27th Jan 2008
System Score: N/A
Location: N/A
Same problem with me. I have extracted the files from the .exe file I was instructed to download. None of these solve the problem though.
Was this reply relevant?
+0
-0
Old Phil RE: Insecure report
Member 15th Jun, 2009 04:34
Score: -1
Posts: 45
User Since: 19th Apr 2009
System Score: N/A
Location: Jamesport, US
I see your deli ma, hopefully I can make it a little easier. Down load the update but do a save do not let it auto extract!!!! then unpack/unzip it. Ok open office find the old version file, re name .bak then drag/copy the newer version into the folder. Then delete the delete the Bak file, many programs will not update as they see an existing file that appears to be correct. The version number is key make sure you have the latest updated file, hope I helped a bit!

Phil

--
Home built fairly loaded box ASRock ConRoe1333-D667, 3.4 Intel Dual core, 2G ram, XP Home SP3 Linksys WRT160Nv2 router

733 Dell 512MB ram XP Pro SP3
Acer Aspire One baby lap top

100% Securnia score
Was this reply relevant?
+0
-0
JDW RE: Insecure report
Member 15th Jun, 2009 06:57
Score: 0
Posts: 5
User Since: 27th Jan 2008
System Score: N/A
Location: N/A
The four files are:
MSO.msp (when run tries to update Frontpage)
ohotfix.exe (won't run because update already installed)
ohotfix.ini
ohotfixr.dll

I am not sure which of these files I should copy across. Any help gratefully received.

Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer