navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Two false positives

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
jtsnet Two false positives
Member 3rd Feb, 2010 16:42
Ranking: 0
Posts: 2
User Since: 3rd Feb, 2010
System Score: N/A
Location: N/A
Secunia PSI 1.5.0.3 displays two false positives:

Windows XP x64 Edition Service Pack 2 marked insecure

This Service Pack is identical to Windows Server 2003 x64 Service Pack 2 released in 2007 and has nothing to do with the 5 years older EOL Windows XP Service Pack 2 released in 2002.

At this date Windows XP x64 Edition even didn't exist. It's like marking XP SP3 insecure, because there is a Windows 2000 SP4. ;-)

Internet Explorer 6 marked insecure for browsing

This is due to an old Flash plugin issue. This old flash plugin was removed by installing an up2date Flash.

Of course we know all Internet Explorer versions are "insecure for browsing", but I think threats that are resolved, should not displayed any more.

mogs RE: Two false positives
Expert Contributor 3rd Feb, 2010 20:46
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hello. As you appear to be a new user of Secunia, you might not be aware that you can veiw/gain more details and information by switching to the Advanced interface. Clicking on the +sign alongside any program entry will expand that to reveal Tech.Details; file path, so on and so forth.
Generally, tho' you update progs., files/old progs can be left over...Secunia will still detect them, even if residing in the Recycle bin.

--
Was this reply relevant?
+0
-0
puget1 RE: Two false positives
Member 4th Feb, 2010 02:24
Score: 0
Posts: 551
User Since: 21st Dec 2007
System Score: N/A
Location: US
Last edited on 4th Feb, 2010 02:26
Hey, Mogs what is this about Secunia 1.5.0.3? I haven't been advised about any updates and still running 1.5.0.1. Does this have something to do with CSI or some Beta program?

--
Gone to Linux permanetly












Was this reply relevant?
+0
-0
thedillpickl RE: Two false positives
Contributor 4th Feb, 2010 02:28
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Last edited on 5th Feb, 2010 02:20
removed by user

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
puget1 RE: Two false positives
Member 4th Feb, 2010 03:14
Score: 0
Posts: 551
User Since: 21st Dec 2007
System Score: N/A
Location: US
http://secunia.com/community/forum/thread/show/345... check this out as it explains a little trick

--
Gone to Linux permanetly












Was this reply relevant?
+0
-0
mogs RE: Two false positives
Expert Contributor 4th Feb, 2010 08:40
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Thanks puget: must admit, that leap in the version number had passed me by; or I was reading too fast at the time.I was probably more concerned with trying to establish some kind of rapport first. Thanks anyrate; a honk or a beep etc.,will keep me from falling asleep;a good word won't keep me awake all night...and I'm usually up before the crows !!!

--
Was this reply relevant?
+0
-0
jtsnet RE: Two false positives
Member 4th Feb, 2010 16:31
Score: 0
Posts: 2
User Since: 3rd Feb 2010
System Score: N/A
Location: N/A
Of course I meant PSI version 1.5.0.1.

Someone here links to Windows XP3 SP3 KB article, but I repeat, I don't use Windows XP, which has nothing to do with Windows XP x64 Edition.

There is a good reason for not installing IE7 or IE8.

First, I don't use IE for browsing anyway. It's locked by setting all zones to "Security Level High". Also the notorious insecure ActiveX Flash Plugin is completely removed from this system.

Second it brings nice new security holes, no one but the black hats found already. ;-)

Third: An IE update replaces parts of the Windows Shell, so it does not work right anymore in Classic View.

BTW: Secunia PSI used IE and Flash by itself, which is irresponsible for a security tool, and must be run as Administrator. Therefore there is good chance to get compromised by only using a tool, which is intended to secure a system.

The IE6 problem ist marked as "insecure, no solution" with this SAID:

http://secunia.com/advisories/17481/

"A vulnerability has been reported in Macromedia Flash Player included in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system."

But this "included Flash Player" can be and is already removed from the system in question. Therefore this is a false positive.
Was this reply relevant?
+0
-0
mogs RE: Two false positives
Expert Contributor 4th Feb, 2010 18:57
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hello again.
Well, at least we have established the version of psi you are using.I'm still not certain that you have switched to the Advanced interface as per advice in first post.
Are you saying that you are using Windows XP SP3 and yet insecurities have been detected ? Switching to Advanced mode would enable you to give better, further detail concerning.
Generally, the newer the browser, the more secure,seems to be a matter of consensus. I use IE8 occasionally with settings at High. As it's an integral component in Vista...I can't see the point of entering into further contention.
Secunia psi is a free tool which does a marvellous job in helping users to patch vulnerabilities in their set-ups. If it indicates an insecurity, it is always right....that's been my experience.

--
Was this reply relevant?
+0
-0
thedillpickl RE: Two false positives
Contributor 5th Feb, 2010 02:26
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
jtsnet;

Please be advised that I have removed my earlier post, so as not to confuse anyone.

I apologize for not understanding your problem(s). I do not have the understanding of the situation as you do. I will step aside and let those more knowledgable help you.


best regards;

Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
Anthony Wells RE: Two false positives
Expert Contributor 5th Feb, 2010 14:40
Score: 2463
Posts: 3,348
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

@jtsnet .

I know nothing of XP x64 SP2 but if Secunia is saying it is "insecure" then it has found something it considers as not being fully "patched" . You should check it out (try M$ updates) before calling it a false positive .

MOGS gave you some tips on using PSI .

SA17481 has a solution which is a vendor workaround and not a patch/program update . Secunia would not be able to detect whether you have used the workaround (at least they have not in similar cases). Even if you remove this SA , then SA 22628 still applies to all versions of IE and has no solution whatsoever and M$ have no intention of patching it for the moment . So IE and also Chrome are listed as insecure for browsing ATM ; only Firefox is "untainted" ATM on my PC.

Hope this helps.
Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
This user no longer exists RE: Two false positives
Member 5th Feb, 2010 14:58
Hi,

Updates to the Windows OS' frequently only "kicks in" after you reboot. Sometimes you even have to install patches, reboot and repeat. The proper procedure for updating windows with the PSI should therefore be to update, reboot and rescan. If the problem persists, click the solution button and see if any additional patches are available.

hope this helps.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+