Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Vista update issue

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
undelay Vista update issue
Member 6th Dec, 2009 01:00
Ranking: 0
Posts: 25
User Since: 26th Nov, 2009
System Score: N/A
Location: N/A
Last edited on 6th Dec, 2009 01:39

PSI tells me to install http://www.microsoft.com/downloads/details.aspx?fa... yet when I attempt to, Vista tells me that the update does not apply to my computer. I am 100% certain I am using the 64 bit version of Vista Ultimate, but I tried BOTH the 64 bit and the 32 bit. Neither one of these works.

I would like to also note that I installed the Security Compliance Management Toolkit for Windows Vista and have implemented the security template for high security SSLF Desktop template (and the default database provided). Is the high security template and database possibly creating an issue with this and is it reasonable for me to TOTALLY IGNORE the missing patch?

I got the Security Compliance Management Toolkit @ http://www.nsa.gov/ia/guidance/security_configurat... (yes, the NSA)

Thanks in advance.

MaritimeRider RE: Vista update issue
Member 6th Dec, 2009 05:44
Score: 22
Posts: 174
User Since: 15th Mar 2009
System Score: 100%
Location: CA
First of all, open your computer from the start menu and click on system properties This will give you the info for your system > 32 or > 64bit. Yes your security can affect your download especially since you have it set at high. I just wonder why you feel the necessity of using such security since you make mention of the national security agency. Are you an employee of the organization? I can only suggest what secunia recommends for security in general. I would not ignore the message. It is an update for preventing remote access.Try downloading from the MS update site and set your permission to automatic download.
See if this helps. We have CESUS in Canada.However,security is security.
Was this reply relevant?
+0
-0
undelay RE: Vista update issue
Member 6th Dec, 2009 11:28
Score: 0
Posts: 25
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
It is 64-bit. I knew this before I checked it as you indicated.

No, I do not work for that agency, nor the government. I simply wanted to have my system set up in the most secure way by default. I do not see how this could be a problem because all it does is change permissions for various activities.

I also want to you to know that I checked for updates right before I went to this Microsoft Management Console snap-in "Security" and at that time (yesterday) it told me I had all available updates.

What I think I am seeing is a patch that is failing verification. I will run Belarc and see if the patch (and all other patches) verifies.
Was this reply relevant?
+0
-0
Anthony Wells RE: Vista update issue
Expert Contributor 6th Dec, 2009 20:31
Score: 2437
Posts: 3,324
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Changing security settings can stop PSI making a full MS check during the scan ; it "may" show up in the error log .

What does Belarc say ??

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
undelay RE: Vista update issue
Member 6th Dec, 2009 20:46
Score: 0
Posts: 25
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
Last edited on 6th Dec, 2009 20:48
It was very interesting. Windows Update, Belarc, and Microsoft Basline Security Analyzer (all three!) agree that the patch was applied. All three confirm installation of MS 09-063, PSI is the only program that says it is missing. MSBA and WU agree that the hotfix has been successfully applied.

I'm thinking there are three possibilities here.
First, that the database is accidentally in error. This could be fixed with an email to Secunia (which I've done); or,
Second, there could be a database migration happening that we aren't being told about (at Secunia); or,
Third, that the scanner (or the definitions) aren't fully 64-bit compatible.

I saw on another post that there was another x64 user who was experiencing an issue with thier scan, so it could be an x64 issue. I'm thinking the release of Win7 might have something to do with Secunia being swamped, which is entirely possible, even if unlikely. Regardless, I'm hoping that it gets sorted out soon.

I'll add a fourth option here of what could be happening. The Security template that I applied did change some of the permissions (or privileges) which could be problematic for PSI. I'm hoping not, but it could be so.
Was this reply relevant?
+0
-0
Anthony Wells RE: Vista update issue
Expert Contributor 6th Dec, 2009 23:13
Score: 2437
Posts: 3,324
User Since: 19th Dec 2007
System Score: N/A
Location: N/A


If you're bored :) , you could crosscheck PSI with OSI

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
undelay RE: Vista update issue
Member 7th Dec, 2009 03:12
Score: 0
Posts: 25
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
Last edited on 7th Dec, 2009 03:15
Great idea! Going there now. Finding out it relies on java ... and reconsiders. I'm really trying to keep this machine bare software wise. I haven't installed java, and I'm using the 64 bit IE8 like its going out of style.

I'm really hesitant to install java.
Was this reply relevant?
+0
-0
Anthony Wells RE: Vista update issue
Expert Contributor 7th Dec, 2009 17:11
Score: 2437
Posts: 3,324
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

That was the point of checking using OSI .

I hear what you are saying , but you could install Java (not a risk to your PC in itself - up to date of course) and add NoScript to Firefox and disable it in IE any any other browser .

I'm not sure whether ultimate security doesn't rather impinge on surfing pleasure .

I'm sure I've mentioned Sandboxie before ; this is Ian "Gizmo" Richards take on things :-

http://www.techsupportalert.com/how-to-secure-your...

Worth another read , if you've seen it before .

Take care
Antony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability