Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Insecure Programs

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
LaoHai Insecure Programs
Member 11th Nov, 2009 17:51
Ranking: 0
Posts: 7
User Since: 11th Nov, 2009
System Score: N/A
Location: N/A
Secunia PSI keeps telling me that I have two insecure programs: Adobe Flash Player and Google Chrome. I have reinstalled the latest version of both programs several times (after deleting the existing programs) and both Adobe and Google confirmed that I have their latest versions installed. Yet Secunia PSI keeps coming up with the same analysis. Can any one tell me what to do?

Maurice Joyce RE: Insecure Programs
Handling Contributor 11th Nov, 2009 18:16
Score: 11309
Posts: 8,724
User Since: 4th Jan 2009
System Score: N/A
Location: UK
UPDATING ADOBE FLASH
====================

Adobe have not mastered the art of completely removing all their files during an uninstall nor have they widely publicised the fact that they do not support removal using Control Panel>Add/Remove.

To successfully remove a vulnerability from Adobe Flash you should:

1. Download & use the Flash Uninstaller from here:

#####Before actually running the uninstaller it is a good idea to close all browsers,PSI and any other programme U think may be using Flash #####

http://kb2.adobe.com/cps/141/tn_14157.html

2. Reboot to clear out any left over ocx files.

3. Rescan using PSI - if there are any insecure Flash elements left what is the path to them? U should not proceed to stage 4 until all U clear any problems found.(The PSI overview page may look a little odd because it uses Flash for the pictorials)

Note: At this stage,if PSI finds any elements of Flash in the C:\i386 folder or on any drive other than C that is an OEM reinstallation partition (normally D drive) or a drive U use solely to backup your work U can safely create an ignore rule.


4. Reinstall the latest Internet Explorer Flash Player from here:

http://www.filehippo.com/download_flashplayer_ie/

4A.If U are also using Firefox, Opera and other Gecko-based browsers U need this link as well:

http://www.filehippo.com/download_flashplayer_fire...

5. Go to add/remove & double check Adobe have not installed the useless Adobe Download Manager - if U see an entry remove it.




--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
Anthony Wells RE: Insecure Programs
Expert Contributor 11th Nov, 2009 18:18
Score: 2384
Posts: 3,280
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hello ,

If you arenew to PSI , here are some tips for using PSI "advanced" mode :-

To help resolve your problem , here are some instructions to help you first of all get the best out of PSI :-

1)use PSI in "advanced" mode ;
2)in the "settings" tab make sure that the box in the first/upper section is NOT ticked in order to have the maximum info available ;
3)tell us in which "tab(s)" your problem programme is located ;
4)in that tab , click on the + in the box at the left end of the programme , the page will expand ;
5)in the expanded page , tell us what is written in the "installation path" ;
6)in the "toolbox" section , lower down , the link "technical details" should confirm the installation path details ;
7)click on the link "open folder" and you will see more details concerning the location of the "problem" .

If you are unable to resolve the problem yourself , all this info should allow someone on the forum to help/advise you .

The problems with Adobe and Chrome usually relate to "old" files left behind after update .

Let us know your progress.

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
Anthony Wells RE: Insecure Programs
Expert Contributor 11th Nov, 2009 18:21
Score: 2384
Posts: 3,280
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Crossed posting , I withdraw to avoid confusion :)

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
Maurice Joyce RE: Insecure Programs
Handling Contributor 11th Nov, 2009 18:23
Score: 11309
Posts: 8,724
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@Anthony
U might like to post about Google Chrome. I do not use it but I know there is a solution.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
LaoHai RE: Insecure Programs
Member 11th Nov, 2009 19:43
Score: 0
Posts: 7
User Since: 11th Nov 2009
System Score: N/A
Location: N/A
Maurice and Anthony:
Hi and many thanks for your advice. It helped - I am now 100% secure according to Secunia PSI.
With best regards,
LaoHai
Was this reply relevant?
+0
-0
Anthony Wells RE: Insecure Programs
Expert Contributor 11th Nov, 2009 19:56
Score: 2384
Posts: 3,280
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 11th Nov, 2009 20:01
Hello LaoHai ,

Thanks for your update ; just to advise you that the only sure way to get rid of the "old" files at update of Google Chrome is an uninstall/reinstall , but that means losing your settings ; so I prefer the straightforward "work around" of deleting the "old" version numbered files/folder from the ..\Google\Chrome\Application\.. folder .

As PSi is a "security" update checker , then a bug/stability/etc update of Chrome is likely to show the both the old version and the newer version in your "patched" tab , the old one not being a danger .

Take care
Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
LaoHai RE: Insecure Programs
Member 11th Nov, 2009 20:06
Score: 0
Posts: 7
User Since: 11th Nov 2009
System Score: N/A
Location: N/A
Hi Anthony:
I'm new to Secunia and I appreciate your advice.
Best regards,
LaoHai
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability