Forum Thread: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Adobe Systems
And, this specific program:
Adobe Reader 9.x

This thread has been marked as locked.
gerd_1972 Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 2nd Aug, 2009 22:25
Ranking: 0
Posts: 6
User Since: 2nd Aug, 2009
System Score: N/A
Location: N/A
Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163

rgerard127 RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 3rd Aug, 2009 01:14
Score: 0
Posts: 1
User Since: 5th Jul 2009
System Score: N/A
Location: N/A
I just upgraded Adobe Reader to 9.1.3. However, the upgrade does not appear to touch AcroRd32.exe. It's property still reads as version 9.1.0.163. PSI is looking at the EXE file to determine what version your running.
Was this reply relevant?
+0
-0
Major senior RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 4th Aug, 2009 06:28
Score: 0
Posts: 1
User Since: 3rd Dec 2008
System Score: N/A
Location: N/A
on 3rd Aug, 2009 01:14, rgerard127 wrote:
I just upgraded Adobe Reader to 9.1.3. However, the upgrade does not appear to touch AcroRd32.exe. It's property still reads as version 9.1.0.163. PSI is looking at the EXE file to determine what version your running.


... PSI is looking at the EXE file to determine what version your running. It's evident ! But why PSI does'nt detect the fact that Reader was patched (version 9.13)?
Was this reply relevant?
+0
-0
Al Williams RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 5th Aug, 2009 16:41
Score: 0
Posts: 1
User Since: 24th May 2008
System Score: N/A
Location: N/A
on 3rd Aug, 2009 01:14, rgerard127 wrote:
I just upgraded Adobe Reader to 9.1.3. However, the upgrade does not appear to touch AcroRd32.exe. It's property still reads as version 9.1.0.163. PSI is looking at the EXE file to determine what version your running.



I also have the same problem! Apparently Secunia doesn't look at the same information as Adobe Reader because Adobe Reader reports 9.l.3. Why does Secunia look at the wrong information?

Al Williams
Was this reply relevant?
+0
-0
Orient_River RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 5th Aug, 2009 17:21
Score: 0
Posts: 2
User Since: 3rd Jul 2009
System Score: N/A
Location: N/A
Same issue here...Secunia is reporting an incorrect version.
Was this reply relevant?
+0
-0
Orient_River RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 5th Aug, 2009 17:21
Score: 0
Posts: 2
User Since: 3rd Jul 2009
System Score: N/A
Location: N/A
Same issue here...Secunia is reporting an incorrect version.
Was this reply relevant?
+0
-0
MeccStar RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 5th Aug, 2009 23:10
Score: 0
Posts: 1
User Since: 24th Feb 2009
System Score: N/A
Location: N/A
Last edited on 5th Aug, 2009 23:11
I have determined that, on my system, the actual installed version of AcroRd32.exe is indeed 9.1.3. However,if you query the 'properties' of the file, it reports 9.1.0.163. Apparently, the installer program failed to update the version field of the file directory entry, which, it also appears, is what PSI looks to for its version data.

The question I have now is: Is there a manual method to change the version datum in the file directory? If we could do that, PSI would see it and everything would be ok (I think).

At any rate, regardless of what PSI reports, I am satisfied that the program is up to date and as safe as possible.

Leonard
Was this reply relevant?
+0
-0
kygin RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 6th Aug, 2009 16:51
Score: 0
Posts: 6
User Since: 16th Jan 2008
System Score: N/A
Location: US
Same situation here, but with Acrobat as well as Reader. File version reported through Properties is the old version, file version reported in About with the program open is 9.1.3. It's an Adobe problem, one that likely won't be addressed any time soon.
Was this reply relevant?
+0
-0
wr RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Contributor 6th Aug, 2009 19:00
Score: 308
Posts: 739
User Since: 30th Mar 2008
System Score: 100%
Location: US
http://secunia.com/community/forum/thread/show/243... Please read the post by AJNorth02 in this link-it may help with the problem.

Regards, wr

--
HP Pavilion Slimline s3020n
Windows Vista Home Premium SP2 32 bit
AMD 64 Athlon X2
Firefox 31.4.0 ESR
The weakest link of a computer system is always sitting in front of the monitor.
Was this reply relevant?
+0
-0
WMACK RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 6th Aug, 2009 19:20
Score: 0
Posts: 11
User Since: 20th Nov 2008
System Score: 100%
Location: CA
I just rescanned and it now shows patched.

--
HP Pavilion E win 7 Home Premium 64 bit
Was this reply relevant?
+0
-0
kygin RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 6th Aug, 2009 20:07
Score: 0
Posts: 6
User Since: 16th Jan 2008
System Score: N/A
Location: US
I rescanned, too, and it shows both Reader and Adobe Acrobat as being patched, but they still have the unpatched version number listed. Is it possible this will cause problems later?
Was this reply relevant?
+0
-0
wr RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Contributor 6th Aug, 2009 22:14
Score: 308
Posts: 739
User Since: 30th Mar 2008
System Score: 100%
Location: US
Last edited on 6th Aug, 2009 22:25


--
HP Pavilion Slimline s3020n
Windows Vista Home Premium SP2 32 bit
AMD 64 Athlon X2
Firefox 31.4.0 ESR
The weakest link of a computer system is always sitting in front of the monitor.
Was this reply relevant?
+0
-0
poutnikl RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 7th Aug, 2009 06:48
Score: 0
Posts: 55
User Since: 8th May 2008
System Score: 99%
Location: CZ
Last edited on 7th Aug, 2009 06:49
I had the same problem. The about menu item, reported 9.1.3,
but PSI 9.1.0.163. It happened short after Reader update.

But, I looked at Reader executable in its folder and it had suspicious filedate from February. I got an idea - restarted PC. Adobe installer did not required to do so, but it is always good practice at bigger software.

And, after reboot, PSI reported it correctly as 9.1.3
Was this reply relevant?
+0
-0
eSKzHvZreJxktYLUd4jN1oy... RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 17th Aug, 2009 15:01
Score: -1
Posts: 82
User Since: 7th Dec 2009
System Score: N/A
Location: N/A
Quote from http://www.sans.org/newsletters/newsbites/newsbite...

"[Editor's Note (Northcutt): I think organizations should avoid Adobe if possible. Adobe security appears to be out of control, and using their products seems to put your organization at risk. Try to minimize your attack surface. Limit the use of Adobe products whenever you can. ]"

Fortunatelly there are lots of other free PDF-readers like Foxit Reader, Sumatra PDF etc.

http://www.foxitsoftware.com/pdf/reader
http://blog.kowalczyk.info/software/sumatrapdf/ind...
http://pdfreaders.org/
Was this reply relevant?
+0
-0
poutnikl RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 17th Aug, 2009 18:49
Score: 0
Posts: 55
User Since: 8th May 2008
System Score: 99%
Location: CZ
Well, but less advisories does not always mean safer software.
It can also mean less checked software.

If I need not to report vulnerabilities
of various flavours of UNIX and LINUX,
my reporter's life would be much easier.

But it does not lead me to conclusion Windows is safer.
Was this reply relevant?
+0
-0
eSKzHvZreJxktYLUd4jN1oy... RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 18th Aug, 2009 10:40
Score: -1
Posts: 82
User Since: 7th Dec 2009
System Score: N/A
Location: N/A
poutnikl: I completely agree. :-)
Was this reply relevant?
+0
-0
Kiroupirou RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 19th Aug, 2009 10:15
Score: 0
Posts: 1
User Since: 19th Aug 2009
System Score: N/A
Location: N/A
Hi all,

Actually it was not really a problem from Secunia. The bug is more on Adobe side. Actually the file acrord32.exe has two version file on it and the engin from Secunia was looking @ the wrong one.
Was this reply relevant?
+0
-0
gerd_1972 RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 30th Aug, 2009 14:20
Score: 0
Posts: 6
User Since: 2nd Aug 2009
System Score: N/A
Location: N/A
Well, rescanning does NOT resolve the issue for me. I still shows up unpatched
Was this reply relevant?
+0
-0
RxDdude RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 30th Aug, 2009 15:47
Score: 4
Posts: 33
User Since: 20th Aug 2009
System Score: N/A
Location: US
Last edited on 30th Aug, 2009 16:04
Kudos to -HBR- who, at about five items above, suggests moving away from Adobe software and offers links to some free alternative PDF readers, since Adobe seems not to be, as I would say, taking care of business; and, there are alternative free PDF readers available.
That's regretted, but it looks like a fair assessment, -HBR-. I say, regretted, because I have respect for Adobe's longstanding elite status and their past pioneering of useful apps., and one dislikes to see this good name being ruined by a careless management in this later generation.
Now, I would like to poll the Forum as to:
A. which of these alternate apps are you using and finding to be "good" to use, including, not loaded with vulnerabilities needing to be patched?
B. which ones have you found being monitored by Secunia PSI?
If there is a "magic bullet" out there, I would want to use it. It may be that it is merely a lack of attention heretofore by exploiters and equally by the vuln-testers in the online community, that provides a measure of currently good results...

Falling Rock

- - " 'The Earth grows degenerate, corrupt, in these latter days. Evil abounds. Men cheat men in the marketplace. The rulers threaten and oppress the people. Children despise their elders; even the dogs no longer obey their masters. Surely the end of the world is near.'
- - Inscription on Assyrian stone tomb, ca. 2200 B.C." ( translation unattributed; quoted from memory of the item printed in Fort Worth Star-Telegram, ca. A.D. 1974 )



--
Was this reply relevant?
+0
-0
RxDdude RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 30th Aug, 2009 16:46
Score: 4
Posts: 33
User Since: 20th Aug 2009
System Score: N/A
Location: US


--
Was this reply relevant?
+0
-0
Anthony Wells RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Expert Contributor 30th Aug, 2009 16:53
Score: 2495
Posts: 3,386
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

@FallingRock ,

This is my reply to your post on the other thread :-

The data you detail is much the same as mine & I consider that I have version 9.1.3 fully patched.

This is further detailed on this thread ;-

http://secunia.com/community/forum/thread/show/240...

and others.

V9.0.246.0 refers to the "authplay.dll" file which patched v9.1.2 to v9.1.3.


--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
eSKzHvZreJxktYLUd4jN1oy... RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 31st Aug, 2009 11:27
Score: -1
Posts: 82
User Since: 7th Dec 2009
System Score: N/A
Location: N/A
on 30th Aug, 2009 15:47, RxDdude wrote:

A. which of these alternate apps are you using and finding to be "good" to use, including, not loaded with vulnerabilities needing to be patched?
B. which ones have you found being monitored by Secunia PSI?


A. I like SumatraPDF, and also Foxit Reader if you make sure to exclude the Ask Toolbar during installation.

B. I don't think I have any programs on my PC's that is not detected by the PSI. Should you have any you can make a software suggestion so it can be added to the database.
Was this reply relevant?
+0
-0
Slamgeden RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 31st Aug, 2009 15:52
Score: 0
Posts: 181
User Since: 17th Jul 2009
System Score: N/A
Location: N/A
I have to recommend SumatraPDF over foxit, because not only is SumatraPDF Free Software (Freedom AND beer!), but it also doesn't sneak crapware into your system. Double-bonus.

--
Assorted Fnords.
Was this reply relevant?
+0
-0
RxDdude RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 25th Sep, 2009 01:11
Score: 4
Posts: 33
User Since: 20th Aug 2009
System Score: N/A
Location: US
Thanks. Will look into it. World of Trust had only three comments by users; all were positive, so far, however.


--
Was this reply relevant?
+0
-0
d_j_owen RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 28th Sep, 2009 21:53
Score: 0
Posts: 1
User Since: 28th Sep 2009
System Score: N/A
Location: UK
on 2nd Aug, 2009 22:25, gerd_1972 wrote:
Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163

The solution is easy.
Do not use Adobe Updater to update Reader via the program (Adobe Reader - Help - Updater).
Use the Secunia link to get the updates.
If you have already updated to 9.1.3 then you may need to uninstall Adobe Reader and start with a fresh install of Adobe Reader.
Using the Secunia link there are a number of updates presented to you.
9.1.2 is further down the page.
Install 9.1.2 and PSI will be happy.
Now you can install 9.1.3 and you will be fully patched and PSI will report you as being fully patched.
This often happens if multiple patches are applied in one go, they do not necessarily apply them in order.
Was this reply relevant?
+0
-0
as39 RE: Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163
Member 11th Oct, 2009 20:07
Score: 0
Posts: 3
User Since: 8th Jul 2009
System Score: N/A
Location: N/A
on 2nd Aug, 2009 22:25, gerd_1972 wrote:
Adobe Reader 9.1.3 is detected by PSI as 9.1.0.163

Was this reply relevant?
+0
-0

This thread has been marked as locked.