navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: PSI says Microsoft Windows Vista Insecure - MS Update Says NOT

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
obiewahn PSI says Microsoft Windows Vista Insecure - MS Update Says NOT
Member 11th Dec, 2009 20:34
Ranking: -10
Posts: 5
User Since: 12th Sep, 2009
System Score: N/A
Location: N/A
Besides having the Powerpoint 2007 Viewer problem for which the forum solution does not work for me (office2007-kb970059-fullfile-x86-glb.exe download says not expected version found and fails to install) I am now getting a MS Vista insecure warning.

Clicking on download solution takes you to Windows update, v4 version not the normal v6 version, but running either shows no upadtes needed. Not sure if its relevant but I am using the 64 bit version of Vista.

Maurice Joyce RE: PSI says Microsoft Windows Vista Insecure - MS Update Says NOT
Handling Contributor 11th Dec, 2009 22:08
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 11th Dec, 2009 22:09
Are U using a licenced copy of Microsoft Office 2007 or the "Freebie" Powerpoint Viewer?

What is the path to the vulnerability?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
obiewahn RE: PSI says Microsoft Windows Vista Insecure - MS Update Says NOT
Member 12th Dec, 2009 14:22
Score: -10
Posts: 5
User Since: 12th Sep 2009
System Score: N/A
Location: N/A
I assume your referring to the Power Point Viewer issue with your reply. Path is C:\Program Files (x86)\Microsoft Office\Office 12\PPTVIEW.EXE and yes it is a licensed copy.

No path given for Microsoft Windows Vista which before you ask is also genuine and licensed.
Was this reply relevant?
+0
-0
davidbaldwin RE: PSI says Microsoft Windows Vista Insecure - MS Update Says NOT
Member 11th Feb, 2010 18:36
Score: 0
Posts: 10
User Since: 14th Nov 2009
System Score: N/A
Location: N/A
Last edited on 11th Feb, 2010 18:56
I have the same issue as of ? (not long, I've been away for 10 days).

Secunia PSI says Microsoft Windows Vista is insecure. No path.

Visit Windows Update: no critical updates at all, just some optional ones that shouldn't make a difference.

Technical Details just says Service Pack 2 (that's the latest isn't it?) Download solution leads to Windows Update which provides no further clues.

UPDATE: Ok, it's gone. Despite the fact that PSI said it's last scan was (yesterday), I forced another full scan after writing this and apparently I am clean once again. PSI doesn't always do the greatest job of updating itself, or, it's just a coincidence.
Was this reply relevant?
+0
-0
SirRah RE: PSI says Microsoft Windows Vista Insecure - MS Update Says NOT
Member 12th Feb, 2010 09:26
Score: 0
Posts: 4
User Since: 12th Feb 2010
System Score: N/A
Location: US
MS XP Pro giving the same message and is requesting that Service pack 3 needs to be installed. Service pack3 has been installed since 2008 (?) This error is related to the most recent patches but I am not sure what PSI is keying on. I re-installed SP3 to be sure but no change.

I have rebooted multiple times today getting other software patched, alas I am still getting the Win XP Insecure message (might be true but unkind).

Ideas?

Sir Rah

--
When we wrote the HTML charter on the ANSI SGML committee I had never heard of Al Gore who claimed to have invented the Internet. This gives me a nice warm fuzzy feeling now that he is making claims of global warming being caused by man. When one considers Mount Penitubo eruption spewed more VOC's into the atmosphere in one week than man has created since the beginning of the industrial age, it makes one wonder about the voracity of the claim.
Was this reply relevant?
+0
-0
puget1 RE: PSI says Microsoft Windows Vista Insecure - MS Update Says NOT
Member 13th Feb, 2010 13:44
Score: 0
Posts: 551
User Since: 21st Dec 2007
System Score: N/A
Location: US
Last edited on 13th Feb, 2010 14:01
http://secunia.com/community/forum/thread/show/348...

I too am working on the same problem of Vista being insecure . It has something to do with the (avi buffer?) Maurice as you know I use Dell with media direct and auto updates everything all is A-ok. Have tried a command module command via notebook insert. No Joy. Microsoft appears to be totally unaware of the situation. Even tried a service pack 2 download in an effort to overwrite the existing program. No joy. Any suggestions It appears to have something to do with media players but there is no fix offered. Here is the word from MS land http://www.symantec.com/security_response/vulnerab... can't uninstall media player
Here is Secunia word on the problemhttp://secunia.com/advisories/38511/

--
Gone to Linux permanetly












Was this reply relevant?
+0
-0
iamahoosier RE: PSI says Microsoft Windows Vista Insecure - MS Update Says NOT
Member 13th Feb, 2010 16:44
Score: 0
Posts: 1
User Since: 27th Jan 2010
System Score: N/A
Location: N/A
I having the same issue- indicates that Vista is not up to date and the Window's Update says it is.....I also have a Windows check security badge in my tool bar, but the security site says fine?
Was this reply relevant?
+0
-0
SirRah RE: PSI says Microsoft Windows Vista Insecure - MS Update Says NOT
Member 14th Feb, 2010 12:01
Score: 0
Posts: 4
User Since: 12th Feb 2010
System Score: N/A
Location: US
Marice,
There is no relationship to either power point viewer or MS office 97 as no version of MS office is loaded on my machine that is receiving error nor is the power point viewer. Mine is an XP machine that up until the latest patch release seemed to recognize I had service pack 3 installed but system now indicates the service patch is not installed. because it is the OS itself that is being indicated as insecure there is no path indicated.

SirRah

--
When we wrote the HTML charter on the ANSI SGML committee I had never heard of Al Gore who claimed to have invented the Internet. This gives me a nice warm fuzzy feeling now that he is making claims of global warming being caused by man. When one considers Mount Penitubo eruption spewed more VOC's into the atmosphere in one week than man has created since the beginning of the industrial age, it makes one wonder about the voracity of the claim.
Was this reply relevant?
+0
-0
This user no longer exists RE: PSI says Microsoft Windows Vista Insecure - MS Update Says NOT
Member 15th Feb, 2010 08:52
Hi,

Frequently, Microsoft updates don't "kick in" until you reboot. After updating, it is recommended to reboot and rescan. If it stills show you're insecure, please try clicking the "Solution" button again, as some updates require several rounds to install.

Hope this helps.
Was this reply relevant?
+0
-0
tsssystems RE: PSI says Microsoft Windows Vista Insecure - MS Update Says NOT
Member 17th Feb, 2010 23:03
Score: 0
Posts: 5
User Since: 17th Feb 2010
System Score: N/A
Location: US
Last edited on 18th Feb, 2010 03:56
Just as an FYI, I have the same problem. Secunia reports XP insecure, MS doesn't. It took some research, but apparently Secunia has issued a new advisory for an unpatched Windows threat (I found the XP version but would not be surprised if it included Vista too). It's listed on the XP advisories for 2010 page as "Microsoft Windows TLS/SSL Session Renegotiation Plaintext Injection Vulnerability" and the link is at http://secunia.com/advisories/38365/

I'm guessing we'll all have to live with this for a while, as it's apparently not a big enough problem for MS to issue an out-of-cycle patch.
Was this reply relevant?
+0
-0
SirRah RE: PSI says Microsoft Windows Vista Insecure - MS Update Says NOT
Member 17th Feb, 2010 23:30
Score: 0
Posts: 4
User Since: 12th Feb 2010
System Score: N/A
Location: US
On XP Insecure issue which "appeared" to be very similar to the Vista error message except it indicated that service pack 3 was not installed when it has been for over a year. It was reinstalled and rebooted and still the error appeared.

I did reboot multiple times in attempting to eliminate the error. PSI indicated after multiple scans and fix attempts that service pack 3 was not installed for XP pro.

That said, today I again performed a full rescan of the system and the gremlin appears to have disappeared.

For XP Pro this issue seems to be closed. I have no idea what gremlin has been at work but "I" am no longer having an issue.

Gremlins are remarkable at times.

SirRah



--
When we wrote the HTML charter on the ANSI SGML committee I had never heard of Al Gore who claimed to have invented the Internet. This gives me a nice warm fuzzy feeling now that he is making claims of global warming being caused by man. When one considers Mount Penitubo eruption spewed more VOC's into the atmosphere in one week than man has created since the beginning of the industrial age, it makes one wonder about the voracity of the claim.
Was this reply relevant?
+0
-0
puget1 RE: PSI says Microsoft Windows Vista Insecure - MS Update Says NOT
Member 18th Feb, 2010 17:13
Score: 0
Posts: 551
User Since: 21st Dec 2007
System Score: N/A
Location: US
****I GOT THE FIX****If you have all updates referred to in Microsoft security bulletin MS013. Then you are updated. What needs to be done to clear with Secunia and get your 100% is to uninstall Secunia, Restart to clear ocx files and remember to re-log to Secunia profiles as a current user. Secunia will perform a re-scan and pick up the correction giving you back your 100%.

--
Gone to Linux permanetly












Was this reply relevant?
+1
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+