Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Insecure Browser SAID SA24314

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Microsoft
And, this specific program:
Microsoft Internet Explorer 8.x

This thread has been marked as locked.
This user no longer exists Insecure Browser SAID SA24314
Member 9th Aug, 2009 11:47
Ranking: 0
Posts: 8
User Since: 1st Jan, 1970
System Score: N/A
Location: N/A
Hi everyone,

I have run into a problem with the 'Secure Browsing' tab where the Internet Explorer v.8 is listed

Explorer 8.x Insecure no solution SAID SA24314.

This installation of Microsoft Internet Explorer 8.x was detected as being patched.
The Secunia PSI has not detected any missing security related patches for this program. No further actions are currently needed.

Installation path: C\Program Files\Internet Explorer\iexplore.exe

I use Firefox anyway and always download the latest Microsoft security updates. I must admit I've been having some trouble getting my Java and Adobe Flash updated with Secunia (old files left after deletion etc) but now I have no unpatched or end of life programs. All is in order - except my Insecure browser; IE8.

Please can you help as I can't seem to get my head around it at all.

Maurice Joyce RE: Insecure Browser SAID SA24314
Handling Contributor 9th Aug, 2009 11:53
Score: 11560
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 9th Aug, 2009 11:54
Pasty,
What Secunia are saying is IE8 is patched as far as U the user is concerned (U have done all U can).

One remaining minor issue exists with IE8 & we are all awaiting a patch from Microsoft.



--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
This user no longer exists RE: Insecure Browser SAID SA24314
Member 9th Aug, 2009 11:59
Thanks Maurice for that quick reply. I shall stop worrying about it now!
Was this reply relevant?
+0
-0
bjm__ RE: Insecure Browser SAID SA24314
Member 10th Aug, 2009 21:55
Score: 64
Posts: 374
User Since: 9th Mar 2009
System Score: 100%
Location: US
patsy

On August 11, 2009, Microsoft is planning to release nine new security bulletins. Hopefully this may resolve Insecure Browser SAID. Check PSI on 12th/13th.

Info at http://securitygarden.blogspot.com/

Regards
bjm-

Was this reply relevant?
+0
-0
This user no longer exists RE: Insecure Browser SAID SA24314
Member 11th Aug, 2009 11:23
Thank you for that, shall be looking to correct my situation then. Cheers!

Regards pasty
Was this reply relevant?
+0
-0
Marduk RE: Insecure Browser SAID SA24314
Member 12th Aug, 2009 05:52
Score: 0
Posts: 1
User Since: 16th Apr 2009
System Score: N/A
Location: N/A
Well, the updates I ran did not seem to fix the problem, or if it did, it was not detected by Secunia. Somehow I feel the former is the true statement...

Maybe next month....
Was this reply relevant?
+0
-0
bjm__ RE: Insecure Browser SAID SA24314
Member 12th Aug, 2009 07:28
Score: 64
Posts: 374
User Since: 9th Mar 2009
System Score: 100%
Location: US
Last edited on 12th Aug, 2009 07:31
Marduk

Same results here...I was sure/hopeful we would finally get all Secure.
Poo on M$. Maybe next month. Fingers crossed!

Regards
bjm-
Was this reply relevant?
+0
-0
This user no longer exists RE: Insecure Browser SAID SA24314
Member 12th Aug, 2009 14:47
http://www.pcadvisor.co.uk/securityadvisor/news/in...
Was this reply relevant?
+0
-0
bjm__ RE: Insecure Browser SAID SA24314
Member 12th Aug, 2009 20:22
Score: 64
Posts: 374
User Since: 9th Mar 2009
System Score: 100%
Location: US
Hi patsy,

Appreciate the link...as a yank I don't get across the pond much.
Thanks again.

Regards
bjm-
Was this reply relevant?
+0
-0
thedillpickl RE: Insecure Browser SAID SA24314
Contributor 15th Aug, 2009 20:31
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Last edited on 15th Aug, 2009 21:01
Hi all;

Yes, thank you, pasty for the link to pcadvisor, seems to be a very nice site.

On the thread by bhenshaw there is a post by Agapanthus on 2nd Aug where he states, "I had this problem too. ...PSI notes an 'old' version while the Microsoft Update site says everything is okay. ...but this time the following worked for me: Download "Cumulative Security Update for Internet Explorer 8 for Windows XP (KB972260)", where he posts the link & other info.

Oddly enough when I ran the update it informed me that I was not allowed to do that and told me to contact the administrator to compleat the update. I am the only user on the machine! :-> Have to play with it later.

As for the issue with Java & Flash Player in XP:

1) The easiest way to update Java is their update program, not the link in PSI. Go to start > control panel, double click Java, select the update tab, click on update now. Follow the instructions (very easy) & get a cup of coffee (pun intended).

2a) Flash Player leaves an old "ocx" file that PSI is using on the "overview" graphics (the pie & bar charts). That is what PSI is detecting as an insecure file. After you've done everyting else you need to with PSI, start the Flash Player download and then exit from PSI. Right click the Secunia icon on the task bar and click on exit. Note, you must do this before you start to install.

2b) If you've already downloaded the new update, that "ocx" file can be removed. Exit PSI as above. Restart PSI (yes, I know). Open the Insecure tab. On the Flash Player line at the right side, click on the Shortcut to local installation folder icon. It looks like a little folder. This is only available if "easy to patch" is disabled. Deleat the old "ocx" file or rename it "*.old". Be careful, if you're unsure about deleating files, don't.

Sorry, I don't know much about Vista. I'm gonna wait for 7. Maybe I'm too old. No, I am too old. Anyhow I'm glad they went back to version numbers!

best regards;
Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
xlandlord RE: Insecure Browser SAID SA24314
Member 25th Aug, 2009 17:05
Score: 0
Posts: 1
User Since: 18th Feb 2009
System Score: N/A
Location: N/A
Last edited on 25th Aug, 2009 17:09
I run Vista Home Premium and renamed the 'old' ocx file to "oldocx" and followed all the procedures listed by Fred. PRESTO, my problem was fixed! Thank You Fred!


on 15th Aug, 2009 20:31, thedillpickl wrote:
Hi all;

Yes, thank you, pasty for the link to pcadvisor, seems to be a very nice site.

On the thread by bhenshaw there is a post by Agapanthus on 2nd Aug where he states, "I had this problem too. ...PSI notes an 'old' version while the Microsoft Update site says everything is okay. ...but this time the following worked for me: Download "Cumulative Security Update for Internet Explorer 8 for Windows XP (KB972260)", where he posts the link & other info.

Oddly enough when I ran the update it informed me that I was not allowed to do that and told me to contact the administrator to compleat the update. I am the only user on the machine! :-> Have to play with it later.

As for the issue with Java & Flash Player in XP:

1) The easiest way to update Java is their update program, not the link in PSI. Go to start > control panel, double click Java, select the update tab, click on update now. Follow the instructions (very easy) & get a cup of coffee (pun intended).

2a) Flash Player leaves an old "ocx" file that PSI is using on the "overview" graphics (the pie & bar charts). That is what PSI is detecting as an insecure file. After you've done everyting else you need to with PSI, start the Flash Player download and then exit from PSI. Right click the Secunia icon on the task bar and click on exit. Note, you must do this before you start to install.

2b) If you've already downloaded the new update, that "ocx" file can be removed. Exit PSI as above. Restart PSI (yes, I know). Open the Insecure tab. On the Flash Player line at the right side, click on the Shortcut to local installation folder icon. It looks like a little folder. This is only available if "easy to patch" is disabled. Deleat the old "ocx" file or rename it "*.old". Be careful, if you're unsure about deleating files, don't.

Sorry, I don't know much about Vista. I'm gonna wait for 7. Maybe I'm too old. No, I am too old. Anyhow I'm glad they went back to version numbers!

best regards;
Fred

Was this reply relevant?
+0
-0
thedillpickl RE: Insecure Browser SAID SA24314
Contributor 26th Aug, 2009 20:17
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
xlandlord;

Glad to help.


Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
davidgardiner RE: Insecure Browser SAID SA24314
Member 2nd Sep, 2009 18:24
Score: 0
Posts: 1
User Since: 2nd Sep 2009
System Score: N/A
Location: N/A
Saw your note about Java and Adobe problems updating. I've had similar issues and the best fix I've found for Java is to uninstall previous versions and download the new version from "http://www.sun.com/" website. For Adobe, I launch Adobe and under "help" click on "check for updates" and let it look for it's latest version.
Was this reply relevant?
+0
-0
skia7 RE: Insecure Browser SAID SA24314
Member 17th Nov, 2009 11:44
Score: 0
Posts: 18
User Since: 2nd Sep 2009
System Score: N/A
Location: NL
Great sight the Security Garden thanks for the link. Good to know the Patch for IE8 is on the way. I use Opera although some applications need ie8 to be opened.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability