Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: The SECURE BROWSING section in ADVANCED Interface Mode contains e...

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
musicjunkie70 The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Member 3rd Jul, 2009 09:48
Ranking: 0
Posts: 17
User Since: 4th Dec, 2008
System Score: N/A
Location: US
After running the Secunia PSI v1.5.0.0 scan, the SECURE BROWSING section in Interface Mode ADVANCED shows that my Microsoft Internet Explorer 8.x and Mozilla Firefox 3.0.x browsers have critical attack vectors and are not secure for browsing. There's only one problem: it also shows plugins and extensions I hadn't installed yet!

Let me provide some background information on what happened leading up to this issue. I had to restore my hard drive from scratch after some software called Advanced SystemCare destroyed my system registry. After reformatting my hard drive, reloading my operating system, applying a gazillion Microsoft updates, and downloading and installing Internet Explorer 8.0, a firewall, anti-virus protection, the Firefox 3.5 browser, and the Thunderbird e-mail client, among a few other things, I downloaded and installed the Secunia PSI v1.5.0.0 and ran a scan. It showed that my Internet Explorer and Firefox browsers were insecure. It also showed that both browsers had plugins and extensions I hadn't installed yet. For example, it showed that my Internet Explorer browser had Adobe Reader 8.x and RealPlayer 11.x plugins installed, each of which had a Secunia PSI status of "Insecure, no solution." Neither plugin was installed. Even though I had just installed Internet Explorer 8.0 for the very first time, its status also came up as "Insecure, no solution." I installed those plugins and reran the Secunia PSI scan. The results were the same.

As for my Firefox browser, it shows extensions Answers 2.x (listed 5 times by the Secunia PSI), CustomizeGoogle 0.x (listed 5 times by the Secunia PSI), and IE Tab 1.x (listed 1 time by the Secunia PSI) as being installed and plugins Adobe Reader 8.x, RealPlayer 11.x, and Java Console 6.x as being installed, none of which was installed. The Adobe Reader 8.x and RealPlayer 11.x plugins each had a status of "Insecure, no solution." Even though I had just installed Firefox 3.5 for the very first time, its status also came up as "Insecure, no solution." Before I ran the Secunia PSI scan, I had installed Firefox extensions Adblock Plus and NoScript. Adblock Plus was listed 3 times and NoScript 2 times by the Secunia PSI. I installed Adobe Reader, RealPlayer, and Java Console and reran the Secunia PSI. The results were the same.

I uninstalled and reinstalled the Secunia PSI v1.5.0.0, ran a scan, and still got the same results. I patched all programs that were listed as Insecure and End-of Life, but it had no effect. I can't figure out what is causing this problem.

About my computer:

I have a Dell XPS 400 computer with Intel Core 2 Duo processors (Intel Pentium D CPU 2.80GHz). I have 3GB of RAM and a 250GB hard drive. My operating system is Microsoft Windows XP Media Center Edition, Version 2002, Service Pack 3. My Windows operating system is fully up to date. My default browser is Mozilla Firefox 3.5, and my e-mail client is Mozilla Thunderbird 2.0.0.22. My anti-virus software is Avira AntiVir Free Edition. My firewall is Comodo Free Edition.

Please let me know if you need any more information about my computer or information about other software I have installed on it.

Maurice Joyce RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Handling Contributor 3rd Jul, 2009 09:50
Score: 11743
Posts: 9,000
User Since: 4th Jan 2009
System Score: N/A
Location: UK
When U say U reformatted your hard drive how did U do it?

Did U use a genuine Microsoft OS disk or a Dell OEM recovery disk or from a backup partition from your hard drive?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
musicjunkie70 RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Member 3rd Jul, 2009 10:07
Score: 0
Posts: 17
User Since: 4th Dec 2008
System Score: N/A
Location: US
Dell has a function during reboot that, when invoked, reformats the rest of the hard drive and restores it with the contents from an original installation image partition on the hard disk. At least that's how Dell Tech Support explained it to me.
Was this reply relevant?
+0
-0
Maurice Joyce RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Handling Contributor 3rd Jul, 2009 23:29
Score: 11743
Posts: 9,000
User Since: 4th Jan 2009
System Score: N/A
Location: UK
It is very difficult to advise if U have reformatted using the Dell OEM backup.

The trouble is with OEM versions of Windows is that manufacturers add programmes & bits & pieces that are not available on a pure Windows OS genuine install disk.

These normally include items like Real Player,Python,PC Doctor,JAVA,etc and with Dell I believe U also get a programme called Media Direct. This is almost certainly where U got those elements from that U claim U have not installed.

It is also possible that a quick format has been carried out prior to the new installation. This is not ideal in your situation.
I would take a detailed look at the documentation of your PC. I would strongly advise a complete format if that option is available.



--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
musicjunkie70 RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Member 4th Jul, 2009 03:11
Score: 0
Posts: 17
User Since: 4th Dec 2008
System Score: N/A
Location: US
Last edited on 4th Jul, 2009 04:53
Maurice:

What does the Dell OEM backup have to do with my Secunia PSI problem, and what difference does it make that third party programs are included in the Dell OEM backup? For one thing, the third party programs that were included by Dell and that were scanned by my Secunia PSI are now considered secure by the PSI Overview and Patched screens after I updated them. (By the way, Python, PC Doctor, and Media Direct didn't come with my Dell OEM.) For another thing, the Firefox browser was not part of the Dell OEM. And Firefox extensions Answers, CustomizeGoogle, and IE Tab, which are unique to Firefox and which I discovered that the Secunia PSI is detecting from a temporary Firefox backup I created on my hard drive, do not come from Dell. For still another thing, I updated RealPlayer and Adobe Reader as directed by my Secunia PSI and they are now secure according to the PSI Overview and Patched screens, but not according to the PSI Secure Browsing screen, even though the path (C:\Program Files\Real\RealPlayer\realplay.exe and C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe) for each program is identical on the Patched and the Secure Browsing screens. My sole concern is the unjustified browser insecurities shown on the Secunia PSI Secure Browsing screen.

I believe that a quick format of my hard drive was carried out by the Dell restore function prior to its reload of the initial Dell installation from the Dell image partition on my hard drive. Why is this not an ideal situation, and how did it allegedly create the problem I am having with the Secunia PSI? Are you saying that it is up to me to prove that the restore of my hard drive from my Dell OEM backup is not the cause of my Secunia PSI problem?
Was this reply relevant?
+0
-0
musicjunkie70 RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Member 9th Jul, 2009 22:34
Score: 0
Posts: 17
User Since: 4th Dec 2008
System Score: N/A
Location: US
When I enable and run a thorough system inspection with the Secunia OSI, why doesn't it detect my alleged browser insecurities detected by my Secunia PSI?
Was this reply relevant?
+0
-0
Maurice Joyce RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Handling Contributor 9th Jul, 2009 22:59
Score: 11743
Posts: 9,000
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Sorry, I have only just noticed U responded to my last post - is all OK now?

Your latest query is that OSI is not designed for that - it only scans these programmes:
http://secunia.com/vulnerability_scanning/online/p...

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
musicjunkie70 RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Member 10th Jul, 2009 01:22
Score: 0
Posts: 17
User Since: 4th Dec 2008
System Score: N/A
Location: US
Last edited on 10th Jul, 2009 01:26
All is not OK now. The problem that prompted me to start this thread remains unchanged.
Was this reply relevant?
+0
-0
Maurice Joyce RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Handling Contributor 10th Jul, 2009 10:20
Score: 11743
Posts: 9,000
User Since: 4th Jan 2009
System Score: N/A
Location: UK
My reading of your initial concern was that various plug ins were showing from a PSI scan although U claim U have never installed them.

I am merely pointing out they could indeed have been installed.

The quick format option does not clear the hard drive completely before reinstallation. Those items my not have been removed from your previous set up.

An OEM version of Windows is full of extra's & I gave U some idea of the type of programmes which manufacturers add to a pure Windows installations. Unless U know exactly what files are on the OEM that could be another source of the mystery.

If U are in the PSI advanced mode have U looked at the paths where PSI claims to have found the files?

Knowing this detail the answer is one of 3.

1. They were never removed by the quick format option.
2. They were installed as part of OEM (doubtful but ...)
3. It is a false positive by PSI - highly unlikely & U can verify this by finding the files PSI has found on your system.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
musicjunkie70 RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Member 11th Jul, 2009 00:49
Score: 0
Posts: 17
User Since: 4th Dec 2008
System Score: N/A
Location: US
Last edited on 11th Jul, 2009 00:49
Let me restate my problems as clearly as I can so that there is no confusion.

After carrying out a quick format of my hard drive by the Dell restore function prior to its reload of the initial Dell installation from the Dell image partition on my hard drive after Advanced SystemCare 3.3.2 destroyed my system registry, I downloaded and installed Windows XP Service Pack 3 to replace Service Pack 2, and I downloaded and installed Internet Explorer 7 and then Internet Explorer 8 to replace Internet Explorer 6. I then downloaded Comodo as my firewall, Avira AntiVir as my anti-virus software, Firefox 3.5 as my default browser, Adobe Reader, RealPlayer, and Secunia PSI v1.5.0.0.

After installing Secunia PSI, I ran a scan and updated every program flagged as Insecure or End-of-Life by the PSI, including Adobe Reader and RealPlayer. I ran PSI scans until the PSI Overview screen and the PSI Patched screen in Advanced Interface Mode showed that I had no Insecure or End-of-Life programs.

Even though the PSI Overview and Patched screens show that I have no Insecure or End-of-Life programs, the PSI Secure Browsing screen in Advanced Interface Mode shows that my Microsoft Internet Explorer 8.x and Mozilla Firefox 3.0.x browsers have critical attack vectors and are not secure for browsing. The critical attack vectors shown on the PSI Secure Browsing screen for my Microsoft Internet Explorer 8.x browser are Adobe Reader 8.x., Microsoft Internet Explorer 8.x, and RealPlayer 11.x. The critical attack vectors shown on the PSI Secure Browsing screen for my Firefox 3.0.x browser are Adobe Reader 8.x. and RealPlayer 11.x. All the critical attack vectors have a Status of "Insecure, no solution" on the PSI Secure Browsing screen. The PSI Patched screen shows that Adobe Reader 8.x., Microsoft Internet Explorer 8.x, and RealPlayer 11.x. are patched. Both the Secure Browsing and Patched screens show that my Firefox 3.0.x browser is patched. The paths on my PC for my Adobe Reader program (C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe) and my RealPlayer program (C:\Program Files\Real\RealPlayer\realplay.exe) are identical on both the Secure Browsing and Patched screens. I tried uninstalling and reinstalling Secunia PSI several times, rebooting my PC several times, and running PSI scans after each install and reboot, but the results were the same.

A second problem I have identified is that the version of my Firefox browser is 3.5, not a 3.0.x version as shown on the PSI Secure Browsing screen.

My sole concern is to determine why the above problems, and only the above problems, are occurring and if there is anything I can do to resolve them.
Was this reply relevant?
+0
-0
musicjunkie70 RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Member 14th Jul, 2009 00:53
Score: 0
Posts: 17
User Since: 4th Dec 2008
System Score: N/A
Location: US
Isn't there anyone who has a resolution to or explanation for my problems (see my previous post)?
Was this reply relevant?
+0
-0
Maurice Joyce RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Handling Contributor 14th Jul, 2009 11:41
Score: 11743
Posts: 9,000
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 14th Jul, 2009 11:41
I do not use any of the programmes U describe except IE8.

IE 8 should be showing in Secure browsing as insecure with 2 green lights & a link to SA24314 - is that what U can see?

Do any of the other insecurities point to or mention ACTIVE X?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
musicjunkie70 RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Member 15th Jul, 2009 01:22
Score: 0
Posts: 17
User Since: 4th Dec 2008
System Score: N/A
Location: US
Last edited on 15th Jul, 2009 05:13
Yes, IE 8 is showing in Secure Browsing as insecure with 2 green lights and a link to SA24314. None of the other insecurities point to or mention ACTIVE X.

I think I see what's going on here, so please correct me if I'm wrong. I think that Secunia considers as patched my Microsoft Internet Explorer 8.x browser, my Mozilla Firefox 3.5.x browser, my Adobe Reader 8.x plugin, and my RealPlayer 11.x plugin because I have applied all available patches to them, as indicated by my Secunia PSI Patched screen in Advanced Interface Mode, but that Secunia still considers all of them to have insecurities. In other words, a browser, program, or plugin can still be considered insecure by Secunia even if all patches have been applied because someone in the Secunia community has identified vulnerabilities that need to be fixed by the vendor. If my conjecture is true, then it means there's nothing I can do to fix my browser insecurities.

By the way, my Secunia PSI now recognizes my version of Firefox browser as 3.5.x instead of 3.0.x, so this problem appears to be resolved.
Was this reply relevant?
+0
-0
Maurice Joyce RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Handling Contributor 15th Jul, 2009 09:31
Score: 11743
Posts: 9,000
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 15th Jul, 2009 09:34
U are correct. If U hover your cursor over the blue idicators with IE 8 it gives U the details. Clicking on the SA link takes U to the advisery. In the case of IE8 U will note it is a minor issue but worthy of note when surfing.

As I say I do not use the other programmes & cannot find any threads on the Forum that indicate others are having problems with them. I believe Firefox now has a problem which was triggered yesterday.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
Anthony Wells RE: The SECURE BROWSING section in ADVANCED Interface Mode contains erroneous information
Expert Contributor 15th Jul, 2009 11:10
Score: 2445
Posts: 3,332
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 15th Jul, 2009 11:26
I can confirm what you are discussing as concerns Firefox versions 3.0xx & 3.5xx .

The vulnerability in v 3.5xx is highly critical (category4) & not yet patched as in SA35798.

PSI does not show Adobe 9.0xx plug-in in Firefox as "not secure for browsing" if it is fully patched.
I don't use RealPlayer , as such.

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability