Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: adobe 9.3.1 still listed as insecure in PSI

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
MaxLV128 adobe 9.3.1 still listed as insecure in PSI
Member 19th Feb, 2010 23:05
Ranking: -2
Posts: 17
User Since: 22nd May, 2009
System Score: N/A
Location: NZ
I have updated adobe reader to 9.3.1 but it's still being reported as insecure.

I uninstalled adobe reader completely, cleared all traces from the registry, and reinstalled 9.3.0, and let it check for updates. it said there weren't any.

I downloaded the security fix to update it to 9.3.1 and installed it.
Adobe reader now says it's 9.3.1 in the about option on the help menu.

But PSI even after rescaning adobe reader still says file AcroRd32.exe is insecure. The file version is 9.3.0.148, yet another program PSI is not able to accurately check and report on, and that I have mark as ignore because of the false warnings it's issuing about an insecure program.

Can someone at Secunia tell me again why I should use continue to PSI whne it cant accurately report security risks?

Mcd73165 RE: adobe 9.3.1 still listed as insecure in PSI
Member 19th Feb, 2010 23:45
Score: 7
Posts: 70
User Since: 13th May 2009
System Score: N/A
Location: US
Hi. What I don't understand is that after I installed the patch to update to version 9.3.1, PSI showed Adobe Reader as secure even though my AcroRd32 file is still version 9.3.0.148 also. In fact, I can't find any Adobe Reader file that shows the new version (other than in Add or Remove Programs. This is one I can't figure out.
Mark
Was this reply relevant?
+0
-0
Anthony Wells RE: adobe 9.3.1 still listed as insecure in PSI
Expert Contributor 20th Feb, 2010 01:06
Score: 2412
Posts: 3,309
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 20th Feb, 2010 01:18
Try a reboot and full scan .

The "installation path" leads to the folder ; in this case , the AcroRd32.exe is (probably) not the one used by Secunia in it's detection rules . This is "normal" with Adobe Reader updates .

Secunia don't work on the weekends so no one is around to convince you until Monday at the earliest it's a free programme so you are free to choose for yourself :))

Anthony

PS: setting "ignore rules" without resolving a problem is akin to not having PSI anyhoo !

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
MaxLV128 RE: adobe 9.3.1 still listed as insecure in PSI
Member 20th Feb, 2010 01:32
Score: -2
Posts: 17
User Since: 22nd May 2009
System Score: N/A
Location: NZ
on 20th Feb, 2010 01:06, Anthony Wells wrote:
Try a reboot and full scan .
The "installation path" leads to the folder ; in this case , the AcroRd32.exe is (probably) not the one used by Secunia in it's detection rules . This is "normal" with Adobe Reader updates .

Secunia don't work on the weekends so no one is around to convince you until Monday at the earliest it's a free programme so you are free to choose for yourself :))

Anthony

PS: setting "ignore rules" without resolving a problem is akin to not having PSI anyhoo !


(Reboot and full rescan)
Been there, done that. Right after the re-install and update to 9.3.1

Free it may be, but when claims are made about what it can do but doesn't do saying it's free isn't an answer... (to the problem)


Was this reply relevant?
+0
-0
Capt Ron RE: adobe 9.3.1 still listed as insecure in PSI
Member 20th Feb, 2010 04:02
Score: 0
Posts: 2
User Since: 20th Feb 2010
System Score: N/A
Location: N/A
Does it show as adobe reader 9.x or adobe flash player 9x. Mine shows it as adobe flash player 9.x and says it needs to update but since I don't have a 9.x adobe flash player I can't fix it.

It just doesn't know the difference between adobe reader and adobe flash player.

I have a adobe flash player 10.0.45.2 which passes the test.

If they will test it as a reader, I think it may pass.
Was this reply relevant?
+0
-0
Mcd73165 RE: adobe 9.3.1 still listed as insecure in PSI
Member 20th Feb, 2010 05:43
Score: 7
Posts: 70
User Since: 13th May 2009
System Score: N/A
Location: US
Anthony, the installation path is the AcroRd32.exe file which is version 9.3.0.148 which was created on 12/22/2009 yet it still checks out as secure. (Was insecure until updating the other day). I don't know how it's detecting version 9.3.1. No big deal but kind of strange.
Mark
Was this reply relevant?
+0
-0
MaxLV128 RE: adobe 9.3.1 still listed as insecure in PSI
Member 20th Feb, 2010 09:03
Score: -2
Posts: 17
User Since: 22nd May 2009
System Score: N/A
Location: NZ
on 20th Feb, 2010 04:02, Capt Ron wrote:
Does it show as adobe reader 9.x or adobe flash player 9x. Mine shows it as adobe flash player 9.x and says it needs to update but since I don't have a 9.x adobe flash player I can't fix it.

It just doesn't know the difference between adobe reader and adobe flash player.

I have a adobe flash player 10.0.45.2 which passes the test.

If they will test it as a reader, I think it may pass.


I had already updated flash player without any problems. PSI detected that update and removed it from it's warnings about insecure programmes.
Was this reply relevant?
+0
-0
Anthony Wells RE: adobe 9.3.1 still listed as insecure in PSI
Expert Contributor 20th Feb, 2010 12:10
Score: 2412
Posts: 3,309
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 20th Feb, 2010 12:16

To all ,

You can cross check if you have the update installed by looking in "Add/Remove" of your control panel ; the update is listed , dated and you cannot remove it .

@max ,

Have you been everywhere ?? have you used the "repair adobe reader installation" link and got the T-Shirt from the programme's "help" menu .

@Mark ,

Use the "about adobe plug-ins.." link in the "help" menu , find the one with the updated version N and win a cigar :))

@Capt Ron ,

You need to tell us where PSI says your Adobe Flash 9.x is lurking - if PSI has found it , it's almost certainly there (believe me) .

As a new poster to the Forum , to help resolve any problems , here are some instructions to help you first of all get the best out of PSI :-

1)use PSI in "advanced" mode ;
2)in the "settings" tab make sure that the box in the first/upper section is NOT ticked in order to have the maximum info available ;
3)tell us in which "tab(s)" your problem programme is located ;
4)in that tab , click on the + in the box at the left end of the programme , the page will expand ;
5)in the expanded page , tell us what is written in the "installation path" ;
6)in the "toolbox" section , lower down , the link "technical details" should confirm the installation path details ;
7)click on the link "open folder" and you will see more details concerning the location of the "problem" .

Posting these details will help the Forum help you , if/when you have a problem .

Hope this helps.

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
Mcd73165 RE: adobe 9.3.1 still listed as insecure in PSI
Member 20th Feb, 2010 14:12
Score: 7
Posts: 70
User Since: 13th May 2009
System Score: N/A
Location: US
Anthony, there is only one plugin that shows the new version which is the Forms Plug-in. (About Adobe Plug-Ins). Could it be that PSI is detecting that even though it says the (detected) installation path is AcroRd32? I don't think it's detecting what's in Add or Remove Programs. I've always been a troubleshooter / technician and therefore my interest in all this. I'm not trying to be a pain in the butt.
Mark
Was this reply relevant?
+0
-0
MaxLV128 RE: adobe 9.3.1 still listed as insecure in PSI
Member 20th Feb, 2010 14:14
Score: -2
Posts: 17
User Since: 22nd May 2009
System Score: N/A
Location: NZ
on 20th Feb, 2010 12:10, Anthony Wells wrote:
To all ,

You can cross check if you have the update installed by looking in "Add/Remove" of your control panel ; the update is listed , dated and you cannot remove it .

@max ,

Have you been everywhere ?? have you used the "repair adobe reader installation" link and got the T-Shirt from the programme's "help" menu .

=====
Windows 7 cntrl panel add/remove shows adobe reader 9.3.1, running a repair install completes successfully, but the subsequent PSI scan still shows D:\Adobe\Reader\AcroRd32.exe as insecure.

D:\Adobe\Reader\AcroRD32.exe is the correct path.
It's the path\location I selected when installing it, and the path PSI is scanning.
=====

@Mark ,

Use the "about adobe plug-ins.." link in the "help" menu , find the one with the updated version N and win a cigar :))

@Capt Ron ,

You need to tell us where PSI says your Adobe Flash 9.x is lurking - if PSI has found it , it's almost certainly there (believe me) .

As a new poster to the Forum , to help resolve any problems , here are some instructions to help you first of all get the best out of PSI :-

1)use PSI in "advanced" mode ;

===
I do
===

2)in the "settings" tab make sure that the box in the first/upper section is NOT ticked in order to have the maximum info available ;

===
It Isn't ticked.
===

3)tell us in which "tab(s)" your problem programme is located ;

===
Insecure Tab
===

4)in that tab , click on the + in the box at the left end of the programme , the page will expand ;

5)in the expanded page , tell us what is written in the "installation path" ;

===
Installation path is as above, D:\Adobe\Reader\AcroRd32.exe
===

6)in the "toolbox" section , lower down , the link "technical details" should confirm the installation path details ;

===
It does, and it's the same as above.
===

7)click on the link "open folder" and you will see more details concerning the location of the "problem" .

===
See above.
===

Posting these details will help the Forum help you , if/when you have a problem .



Hope this helps.

Anthony

Was this reply relevant?
+0
-0
MaxLV128 RE: adobe 9.3.1 still listed as insecure in PSI
Member 20th Feb, 2010 14:19
Score: -2
Posts: 17
User Since: 22nd May 2009
System Score: N/A
Location: NZ
on 20th Feb, 2010 14:12, Mcd73165 wrote:
Anthony, there is only one plugin that shows the new version which is the Forms Plug-in. (About Adobe Plug-Ins). Could it be that PSI is detecting that even though it says the (detected) installation path is AcroRd32? I don't think it's detecting what's in Add or Remove Programs. I've always been a troubleshooter / technician and therefore my interest in all this. I'm not trying to be a pain in the butt.
Mark


Same with mine, only the Forms plugin shows file version 9.3.1.203 dated 02/02/2010.

All other plugins have file version 9.3.0.148 dated 21/12/2002
Was this reply relevant?
+0
-0
Capt Ron RE: adobe 9.3.1 still listed as insecure in PSI
Member 20th Feb, 2010 16:26
Score: 0
Posts: 2
User Since: 20th Feb 2010
System Score: N/A
Location: N/A
Anthony,

I don't know what happened but this morning when I took my laptop out of hibernate the flag was gone and it now shows 100%.

But thanks for the information.
Was this reply relevant?
+0
-0
Anthony Wells RE: adobe 9.3.1 still listed as insecure in PSI
Expert Contributor 20th Feb, 2010 16:33
Score: 2412
Posts: 3,309
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 20th Feb, 2010 16:35
Alas Young Readers , the Magical ways of the Houses of Adobe and Secunia are not known to mere mortals .

What can be seen by the Great Observers of The Community is that Adobe biuld their Chateau called House of Cards on a basic Two Number platform ; 9.0. , 9.1. , 9.2. and 9.3. are rumoured to exist . Bad People living undergruond and wearing Coloured Hats try to undermine the Platform , forcing AD to build upwards and add new levels of Protection .

The Wise Wizards of Secunia then cast their Runes to see if AD has successfully plugged the gaps aka "Vulnerabilities" . If Ad was successful and the Castle has been steadied , the Great and Good PSI awards the order of The Patched .

Secret files are hidden by AD and PSI to confirm the bestowed honour . This data is kept from us , but it is rumoured that in the past Castle 9.1. had a key to the mystery called Annots.api hidden in a not so secret Plug_ins folder - like that Castle those days are gone .

After a while the whole House of Cards is knocked to the ground and we start the Game again. In Foreign Lands some people who are Acrobats live in Ancient streets where all Castles begin with the Number 8 .

One Secret is to get and start the latest platform and if it has weaknesses to add a Patch from the Takeaway Menu inside the building ; sometimes you need a Repair tool from the same Takeaway to shake things into an order PSI recognises . Spare boots should be carried and used as necessary . More risk is involved using the PSI Solution , sometimes a Trap ffor the Unwary .

My Time is up for now Young Hereos , prepare for Battles yet unknown.

I believe Capt Ron holds Secret Sleep Powers , but have no Proof .

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
MaxLV128 RE: adobe 9.3.1 still listed as insecure in PSI
Member 20th Feb, 2010 23:33
Score: -2
Posts: 17
User Since: 22nd May 2009
System Score: N/A
Location: NZ
Last edited on 20th Feb, 2010 23:35
on 19th Feb, 2010 23:05, MaxLV128 wrote:
I have updated adobe reader to 9.3.1 but it's still being reported as insecure.

I uninstalled adobe reader completely, cleared all traces from the registry, and reinstalled 9.3.0, and let it check for updates. it said there weren't any.

I downloaded the security fix to update it to 9.3.1 and installed it.
Adobe reader now says it's 9.3.1 in the about option on the help menu.

But PSI even after rescaning adobe reader still says file AcroRd32.exe is insecure. The file version is 9.3.0.148, yet another program PSI is not able to accurately check and report on, and that I have mark as ignore because of the false warnings it's issuing about an insecure program.

Can someone at Secunia tell me again why I should use continue to PSI whne it cant accurately report security risks?


UPDATE:
I have just run an OSI scan at http://secunia.com/vulnerability_scanning/online/?...
using the thorough System Inspection option and it is showing that Adobe Reader is insecure as well.

Another question:
Why doesn't PSI scan across networks? Has anyone heard if that [esential] option will be added in the future?

After all what is the point of scanning just the local drives when networked backup drives are also storing insecure/unpatched backup versions of files being reported by PSI?

I'm talking home networks here, not corporate/office networks.

Was this reply relevant?
+0
-0
UpTo_daTe RE: adobe 9.3.1 still listed as insecure in PSI
Member 21st Feb, 2010 12:46
Score: 0
Posts: 8
User Since: 7th Dec 2008
System Score: 100%
Location: DE
Last edited on 21st Feb, 2010 12:47
Hello all,

I had this problem today too! My wife has a Laptop and she didn't experience this issue.

The difference was, that 'Acrobat Reader 9.3.1' is installed on the Laptop on this partition:

C:\Program Files\Adobe\Reader 9.0

After I un-installed the Reader and re-installed it into the folder stated before. All I had to do was, using the PSI option to download the update directly. I did, and run another scan! Now suddenly everything was fine.

--
Bye for now
B_big!
Was this reply relevant?
+0
-0
Syzyzgy RE: adobe 9.3.1 still listed as insecure in PSI
Member 22nd Feb, 2010 08:45
Score: 0
Posts: 9
User Since: 14th Dec 2008
System Score: N/A
Location: CN
There appears to be something amiss with you Secunia PSI program.

Although I have run all recommended patches and updates PSI still says the programs are insecure.

Example: Google Chrome - PSI says it is version 4.0.249.78 where as Google Chrome itself says it is version 4.0.249.89

Example: Adobe Acrobat - PSI says there is a later version of Adobe Acrobat 9, however when I update both via PSI link and the Acrobat program itself the version installed is 9.3.0.148 which PSI says is insecure.

Example - MS PowerPoint Viewer. PSI say version 12.0.6414.1000 is insecure whereas the latest download from MS Office installs version 12.0.6414

Example - Adobe Flash - I have updated this numerous times and now PSI tels me 2 versions are out of date. 10.0.42.34 (ActiveX) & 10.0.32.18 (ActiveX). I don't know how to check which version is running, however following the PSI link does not install a version that PSI recognizes as patched.

So either i am completely stupid and inept or there is some problem with PSI.

Perhaps you could let me know.

Maybe I need an updated version of PSI.

Was this reply relevant?
+0
-0
TiMow RE: adobe 9.3.1 still listed as insecure in PSI
Dedicated Contributor 22nd Feb, 2010 09:33
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
@ Syzyzgy

Your problem is, probably, that despite updating and having the latest software , you still have all, or parts of the old versions still on your system, and Psi reports these as the insecurities.

Chrome creates a new file with each new update, still leaving the old file.

Adobe Is always problematical - you should check out some of the other threads currently running concerning Adobe problems.

Re. M$ see Secunia official reply to your post on the other thread.

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
MaxLV128 RE: adobe 9.3.1 still listed as insecure in PSI
Member 22nd Feb, 2010 10:23
Score: -2
Posts: 17
User Since: 22nd May 2009
System Score: N/A
Location: NZ
on 22nd Feb, 2010 09:33, TiMow wrote:
@ Syzyzgy

Your problem is, probably, that despite updating and having the latest software , you still have all, or parts of the old versions still on your system, and Psi reports these as the insecurities.

Chrome creates a new file with each new update, still leaving the old file.

Adobe Is always problematical - you should check out some of the other threads currently running concerning Adobe problems.

Re. M$ see Secunia official reply to your post on the other thread.

TiMow


Adobe Reader has never been problematic for me with PSI until now...

After further testing I have confirmed that Adobe Reader is successfully being updated to 9.3.1 but unless it's installed in the default location of C:\Program Files\Adobe\Reader PSI does not recognise that it has been updated at all.

I have tried installing on various hard drives on my computers and as far as PSI is concerned if it's NOT in the default location on the computer PSI is installed on then PSI does not recognise it as being patched and updated to 9.3.1

PSI has never 'behaved' like this previously (it didn't matter where programmes were installed), what has been changed in it that's causing this failure now?

PSI is definately broken as far as Adobe Reader is concerned. I trust Secunia staff will realise this and fix this bug in PSI...
Was this reply relevant?
+0
-0
This user no longer exists RE: adobe 9.3.1 still listed as insecure in PSI
Member 22nd Feb, 2010 10:56
Last edited on 22nd Feb, 2010 14:14 Hi,
(Correction)
This was an issue with a rule. It should now have been fixed.

hope this helps.
Was this reply relevant?
+0
-0
Syzyzgy RE: adobe 9.3.1 still listed as insecure in PSI
Member 22nd Feb, 2010 18:09
Score: 0
Posts: 9
User Since: 14th Dec 2008
System Score: N/A
Location: CN
Last edited on 22nd Feb, 2010 18:11
I now still have 2 programs that PSI say are insecure. And despite my best efforts PSI insists they are insecure! Both Category 4, which presumably is very insecure as 1 is the least insecure and 5 is very very insecure.

Adobe Acrobat Standard - the latest patches I can find are AcrobatUpd930_all_incr.msp & AcrobatUpd931_all_incr.msp. I have now run both of these and rebooted after running each patch. Adobe still tells me it is version 9.3.1 (9.3.0.148) and PSI still tells me this version is insecure. This is a mystery.

Comments like "Adobe doesn't delete all the old files and PSI is picking these up" are rather unhelpful, as either PSI needs to tell you which old files to manually delete or it needs to be more intelligent and know to ignore the older files. If PSI cant tell which files to ignore how the hell am I supposed to know which ones need deleting.

Seems like a PSI glitch to me.

Windows XP Service Pack 3 - As i have had service pack 3 installed for some time I am not sure why PSI thinks it isn't there.

However just to be certain as per the kind advice from Emil I went to the Microsoft Update site and it tells me there are no outstanding updates for XP available. Ie I have already installed every update they have.

On top of that I run MS Auto Update and that is telling me it is upto date.

So seems here again that PSI has a glitch.

If PSI is "perfect" of course, then hope fully Emil and his colleagues will be able to tell me what to do next. If not perhaps these can be put on the list of bugs to be fixed.
Was this reply relevant?
+0
-0
Syzyzgy RE: adobe 9.3.1 still listed as insecure in PSI
Member 22nd Feb, 2010 18:24
Score: 0
Posts: 9
User Since: 14th Dec 2008
System Score: N/A
Location: CN
Last edited on 22nd Feb, 2010 18:28
Well its a miracle....................no other explanation.

I did nothing.........................now PSI has decided that my PC is 100% secure.

Hmmmmmmmmmmmmm................................
Was this reply relevant?
+0
-0
Anthony Wells RE: adobe 9.3.1 still listed as insecure in PSI
Expert Contributor 22nd Feb, 2010 19:03
Score: 2412
Posts: 3,309
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
@Max LV128

Great effort , well done :))

You saved a lot of "pain" and misleading/misplaced worrying for others ; not forgetting the heads up clue from @UpTo_Date and unwittingly @cains (on another thread) .

Take care
Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
Anthony Wells RE: adobe 9.3.1 still listed as insecure in PSI
Expert Contributor 22nd Feb, 2010 19:10
Score: 2412
Posts: 3,309
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

@syzyzgy ,

You will likely get quicker and better help if you post on the the relevant thread or create your own ; especially as Secunia respond to the owner of the thread first and foremost.

Not a miracle , PSI often needs a restart or reboot or a quiet time to reset itself . Acrobat for example hsa only just had it's rules updated .

Take care
Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
rtrooney RE: adobe 9.3.1 still listed as insecure in PSI
Member 25th Feb, 2010 00:24
Score: -1
Posts: 23
User Since: 13th Jun 2008
System Score: N/A
Location: N/A
Last edited on 26th Feb, 2010 00:25
I have the same problem as everyone else. I've updated Reader. I've deleted Reader via Add/Remove and reinstalled it. I've rebooted and rescanned numerous time, and Adobe Reader still comes up as insecure.

The installation is to the default directory, ie, c:\program files\Adobe\Reader 9.0\Reader where the file AcroRd32.exe resides. Properties are 9.3.0.148 dated 12/22/09. This is the latest and greatest.

Yes, I do use Foxit, but there are some sites that require Adobe to view data. These are mostly financial sites. So, doing without Adobe is not an option. I really don't like having that Cat4 threat message hitting me in the face every time the machine is booted.

This has been a problem that has existed between Secunia PSI and Adobe Reader for as long as I can remember. I really wish it would go away.
Was this reply relevant?
+0
-0
Anthony Wells RE: adobe 9.3.1 still listed as insecure in PSI
Expert Contributor 25th Feb, 2010 20:02
Score: 2412
Posts: 3,309
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

@rtrooney

Technically the PSI rules are now up to date ; try using the search facility at the top of the thread listing page(s) and see if the info in other Adobe threads might help you .

Anthony


--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
rtrooney RE: adobe 9.3.1 still listed as insecure in PSI
Member 26th Feb, 2010 00:23
Score: -1
Posts: 23
User Since: 13th Jun 2008
System Score: N/A
Location: N/A
>Properties are 9.3.0.148 dated 12/22/09. This is the latest and greatest.

Well, that's not entirely true. It's the latest major build, but you still need to apply the "AdbeRdrUpd931_all_incr.msp" patch. Despite having done this, and other actions described above, Secunia still listed Reader as insecure....until I booted today. Miraculously Reader was cured of its "insecurities"!

I did nothing to alter the Reader installation during the last week. Yet Secunia sees it as insecure for five days and then sees it as secure on day six. Very strange performance.
Was this reply relevant?
+0
-0
Anthony Wells RE: adobe 9.3.1 still listed as insecure in PSI
Expert Contributor 26th Feb, 2010 13:02
Score: 2412
Posts: 3,309
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

@rtrooney

A reboot and full scan is obligatory for M$/Windows updates and is pretty much necessary for all things Adobe . I am "told" this is due to the way stuff is scheduled for deletion , hence install wizards say close all programmes first so you can avoid restarting your system - or words to that effect . A complete shutdown for 10 mins can work wonders on any machine :)

Glad you are sorted .

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
banthony RE: adobe 9.3.1 still listed as insecure in PSI
Member 26th Feb, 2010 20:13
Score: 2
Posts: 15
User Since: 26th Feb 2010
System Score: N/A
Location: US
Last edited on 26th Feb, 2010 20:15
The only sure fire way to verify you've properly updates to 9.3.1 is by checking the following file.

* authplay.dll (%ProgramFiles(x86)%\Adobe\Reader 9.0\Reader) v10.0.45.2
* AcroForm.api (%ProgramFiles(x86)%\Adobe\Reader 9.0\Reader\plug_ins) Modified 2/2/2010
Was this reply relevant?
+0
-0
Anthony Wells RE: adobe 9.3.1 still listed as insecure in PSI
Expert Contributor 27th Feb, 2010 11:13
Score: 2412
Posts: 3,309
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hello banthony ,

on 26th Feb, 2010 20:13, banthony wrote:
The only sure fire way to verify you've properly updates to 9.3.1 is by checking the following file.

* authplay.dll (%ProgramFiles(x86)%\Adobe\Reader 9.0\Reader) v10.0.45.2
* AcroForm.api (%ProgramFiles(x86)%\Adobe\Reader 9.0\Reader\plug_ins) Modified 2/2/2010


Secunia say that your first check is to look at "about" in the programme "help" menu

For 9.3.1 update on the 9.3 platform the second check is probably the not "deletable" update showing in Control Panel's "Add/Remove" .

At present the "authplay.dll" seems to update wih Flash not Reader .

The "AcroForm.api" is seemingly he only plug-in updated in this build and may or may not be a/the file used by Secunia in it's detection rules ; in the past , on earlier platform updates , they have used the "authplay.dll" and the "Annots.api" files .

Hope this helps

Take care

Anthony


--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
banthony RE: adobe 9.3.1 still listed as insecure in PSI
Member 1st Mar, 2010 17:29
Score: 2
Posts: 15
User Since: 26th Feb 2010
System Score: N/A
Location: US
on 27th Feb, 2010 11:13, Anthony Wells wrote:
Hello banthony ,

Secunia say that your first check is to look at "about" in the programme "help" menu

For 9.3.1 update on the 9.3 platform the second check is probably the not "deletable" update showing in Control Panel's "Add/Remove" .

At present the "authplay.dll" seems to update wih Flash not Reader .

The "AcroForm.api" is seemingly he only plug-in updated in this build and may or may not be a/the file used by Secunia in it's detection rules ; in the past , on earlier platform updates , they have used the "authplay.dll" and the "Annots.api" files .

Hope this helps

Take care

Anthony

The Help--> About menu is just using registry entries to display the version. This has proven in the past to not be reliable. If you modify the following key value and set it to 0 (zero) then Adobe will display 9.3.0

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0\Installer
Value: VersionMin
Data: 10000 (Hex)

As for the Add or Remove Programs update entry, that also is just a registry query that does not always signify that the update installed correctly.

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-A930 00000001}

The flash player update in no way modifies the files within the Adobe Reader installation directory. The only files it updates are in the following location. This is for the Active-X version.

%windir%\system32\Macromed\Flash

Again I state that the only sure fire way to verify Adobe Reader has been updated to 9.3.1 is by checking the versions on the following two files.

* authplay.dll (%ProgramFiles(x86)%\Adobe\Reader 9.0\Reader) v10.0.45.2
* AcroForm.api (%ProgramFiles(x86)%\Adobe\Reader 9.0\Reader\plug_ins) v9.3.1.203
Was this reply relevant?
+0
-0
Anthony Wells RE: adobe 9.3.1 still listed as insecure in PSI
Expert Contributor 1st Mar, 2010 18:18
Score: 2412
Posts: 3,309
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 1st Mar, 2010 18:20
@banthony ,

I also stand by what I have reported Secunia as saying and/or what I have said .

FWIW: Your first two technical points critiques may be what you say they are (I have not the slightest idea if they are correct) , but they are what is suggested as the first points to be checked by the "normal" PSI/Adobe user .

FWIW : the "authplay.dll" was the source of update recognition problems on an earlier platform when it used to show as a Reader 9x. version number . This changed to a Flash 10.x version number some time ago (can't remember when) ; it's current N # 10.0.45.2 did not appear to change when the 9.3.1 version of Reader was installed and the date stamps seem to indicate that it precedes the 9.3.1. update by a couple of weeks ; around the time Flash was last updated . I have no idea if any files were updated either by Flash or Reader , I do know that Adobe embed Flash in certain programmes and you may need "workarounds" to update them .

FWIW:The "Acroform.api" was seemingly the only plug-in updated with 9.3.1. and seems most likely to be one of , if not the file used by Secunia in it's detection rules (I have implied this earlier on in this thread) . Whether it is the one and only file to be trusted as showing a successful update , I could/would not say for certain .

You will need to ask Secunia or Adobe directly as to whether this is correct .

Take care
Anthony





--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
rtrooney RE: adobe 9.3.1 still listed as insecure in PSI
Member 2nd Mar, 2010 01:16
Score: -1
Posts: 23
User Since: 13th Jun 2008
System Score: N/A
Location: N/A
on 26th Feb, 2010 13:02, Anthony Wells wrote:
@rtrooney

A reboot and full scan is obligatory for M$/Windows updates and is pretty much necessary for all things Adobe . I am "told" this is due to the way stuff is scheduled for deletion , hence install wizards say close all programmes first so you can avoid restarting your system - or words to that effect . A complete shutdown for 10 mins can work wonders on any machine :)

Glad you are sorted .

Anthony
You missed the point, I think. After jumping through all the upgrade/update hoops for Reader 9.3.1, Secunia showed "insecure" for five days for five days of boots. Without anything else changing, on the day six boot Secunia showed Reader as secure. That's what I meant by strange behavior, and I have no idea where the fault lies.
Was this reply relevant?
+0
-0
rtrooney RE: adobe 9.3.1 still listed as insecure in PSI
Member 2nd Mar, 2010 01:16
Score: -1
Posts: 23
User Since: 13th Jun 2008
System Score: N/A
Location: N/A
Last edited on 2nd Mar, 2010 01:18
.
Was this reply relevant?
+0
-0
Anthony Wells RE: adobe 9.3.1 still listed as insecure in PSI
Expert Contributor 2nd Mar, 2010 11:10
Score: 2412
Posts: 3,309
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

@rtrooney ,

Put it down to Windoze Magic(?) . PSI reads what is sees (usually quite accurately) ; what is happening in the bowls of your computer ?? who on earth knows :((

On with more important things ;)

Take care
Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability