navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Misleading Update

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
WinZip
And, this specific program:
WinZip 10.x

This thread has been marked as locked.
Dowopfan Misleading Update
Member 24th Nov, 2009 12:16
Ranking: 0
Posts: 1
User Since: 4th Dec, 2008
System Score: N/A
Location: N/A
Winzip appeared in my Secunia list as being 'at risk', so I click on the Security Threat solution and watched as it downloaded and installed the 'fix'. It deleted my current copy of WinZip which I use all the time. Upon finishing the installation, a window popped up saying "Thank you for Trying WinZip. Your copy will not work after the evaluation period expires". It then gives me the opportunity to pay $30 for a new copy to activate the one they installed. SO I went from having a working copy already paid for to now having one that doesn't work and won't work unless I send in $30!

That's hardly a 'solution'. I am very angry that it is going to cost me $30 to restore my use of WinZip. I think Secunia shouldn't offer these 'solutions' that delete a good working piece of software to install another that costs money to use! Had I known that the 'fix' was going to cost me $30, I would NEVER have clicked on the Solution.

I think WinZip is being totally misleading in their advertisement for an upgrade "fix". You never find out until it is too late, that you will be agreeing to a 'trial period' after which it will cost $30 to restore what your already had!

Very disappointing!


michaelsalis RE: Misleading Update
Member 24th Nov, 2009 14:12
Score: 57
Posts: 141
User Since: 18th Feb 2009
System Score: 98%
Location: UK
hi

Yes I agree WinZip have always been a little naughty with their program.

I have found with most software companies if you contact them and explain the situation they will almost always sort something out. I've had free periods, a refund or an extended subscription from just about every company I have contacted in situations where there has been a genuine problem.

I think a number of years ago even WinZip did something for me although unfortunately I am not able to remember the situation.

Michael


--
Michael
Toshiba Satelite A660
Intel i7
Windows 7 Ultimate
IE9

Toshiba Equium Laptop
Intel Centrino Duo
Windows Vista Ultimate SP2
IE9
Was this reply relevant?
+0
-0
This user no longer exists RE: Misleading Update
Member 24th Nov, 2009 17:55
I tried WinZip a long time ago. I found very little it could do over my favorite free archiver; 7-Zip.

You might consider giving 7-Zip try.
Was this reply relevant?
+0
-0
thedillpickl RE: Misleading Update
Contributor 25th Nov, 2009 02:58
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Last edited on 27th Nov, 2009 00:21
please see retraction below

Hi Dowopfan;

Winzip is being naughty, but (and I know it dosn't feel like it) Secunia is being nice. Several software vendors offer a subscription that lasts one or two years. During that period, if they come out with an update for any reason, you get a free download. This means that every year you have to pull you wallet out. This can get expensive! At least you know how long you have to use it.

However, what Winzip does is sneaky. I know this isn't every situation but, say you just paid for the latest version of Winzip & two weeks later it's insecure and you need to update. Voila, you're out more $$$. Also, it isn't Secunia's job to check out the update, they merely report that it's there. Winzip (in my opinion) should clearly state, before you start the download, that you're about to uninstall the old version (unrecoverable) and how much it will cost for the new. This reminds me of the salesman at "Joe's Used Cars", with the plaid suit & polka dot necktie.

Secunia is nice, because they are reporting a vulnerability with Winzips older version.


regards;
Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
Maurice Joyce RE: Misleading Update
Handling Contributor 25th Nov, 2009 14:05
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 25th Nov, 2009 16:10
This thread is certainly living up to its name - misleading & factually incorrect.

@Dowopfan
+++++++++

If U wish to recover your vulnerable Winzip 10 at no cost first uninstall Winzip 14 then reinstall version 10 from here:
http://www.filehippo.com/download_winzip/805/

Look at the right hand side of the web page & select Winzip 10 Version 10.0.6698 - insert your registration details & U are back to square one. I have carried out this action on my Test PC for U & it works perfectly.

If U cannot live with the vulnerability found by PSI U can, as suggested by @Arctucas, Uninstall Winzip completely & use 7-Zip.

As a long time user Of Winzip I cannot see how they can be construed as "naughty" or "sneaky". They, like many other Professional vendors lay down their useage policy very clearly on their web site. In the case of Winzip:
1. It has a 45 day trial period.
2. U accept what U have tried & pay for a licence key or uninstall it.
3. At this stage U can opt for Upgrade Assurance (cheap as chips).
4. The Assurance entitles the user to UPGRADE to the latest version free of charge. UPDATES within the life cycle of the programme are free & always have been.
5. Winzip technical support & customer services are superb & only too happy to assist.
6.The life cycle of a Winzip product tends to be 4 years before becoming unsupported. This is general practise. Sadly that has what has happened in this case. Winzip 10 was released in November 2005 & is a dead duck if it has become vulnerable.
7. Allowing any vendor to auto download onto YOUR PC is asking for trouble (this includes Microsoft). As suggested, Secunia find vulnerabilities - full stop. They have kindly offered a update link & wizard but like all these "fixit" tools - user beware.
Using the tradition methods rather than "fixit" & auto updaters assures success:

1. Note the Secunia vulnerability.
2. Access the vendor site & read the details.
3. Download & save to a designated area.
4. Check for viruses & malware (very important for lesser known "freebies").
5. Control the install with options U want.
6. Reboot.

By downloading & installing traditionally there is no way U can point a finger at Secunia or any vendor for not giving all the facts.

Everyone has their own methods of doing things but to suggest that a vendor caters for all the requirements of "short cutters" to tried & tested "norms" would be impossible.













--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
thedillpickl RE: Misleading Update
Contributor 27th Nov, 2009 00:19
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Hi Dowopfan;

I stand corrected. I was shooting from the hip, as it were, with out checking Winzip's download procedure. This was not wise, as Maurice points out, I've slandered a reputable comapanys name and do apologize.

In my own defense, I have been taken advantage of by other vendors. Prejudice is ugly, what else can I say.


Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+