Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: OSI still reporting Adobe Reader 9.3.1 as insecure

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
OSI

This thread has been marked as locked.
cyberquotient OSI still reporting Adobe Reader 9.3.1 as insecure
Member 24th Feb, 2010 05:31
Ranking: 0
Posts: 11
User Since: 24th Feb, 2010
System Score: N/A
Location: US
From a thread in the PSI forum, it appears that PSI's detections lagged behind the Adobe release by about 5 days but were eventually updated to properly identify Adobe Reader 9.3.1. 7 days after release, OSI is still identifying Reader 9.3.1 as 9.3.0 and calling it insecure.

When will the same detection update be folded into OSI?

thedillpickl RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Contributor 24th Feb, 2010 08:06
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Hi cyberquotient;

OSI should have the same info as PSI, I would think they use the same database.

If you would use PSI it would be easier to figure this out. Or, you could use Windows Explorer to find all instances of Adobe Reader and check the date/time stamp and version info for each file.

Post back with more information.


Thank you;

Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+1
-0
cyberquotient RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Member 24th Feb, 2010 08:10
Score: 0
Posts: 11
User Since: 24th Feb 2010
System Score: N/A
Location: US
Perhaps OSI "should" use the same database as PSI, but at the moment I started this thread, it apparently was not.

And I am quite certain there is no older copy of Adobe Reader installed.

Having posted this info, hopefully Secunia will look into and correct the problem.
Was this reply relevant?
+0
-0
This user no longer exists RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Member 24th Feb, 2010 08:48
Last edited on 24th Feb, 2010 08:50 Hi,

The OSI, PSI and CSI all use the same database. The OSI does flag fewer applications, but there is no difference between the rules of one product and the other. It is therefore quite likely that @thedillpicks suggestion is correct, and the first step towards fixing this is indeed checking for more than one version installed. Please post back with the requested information.

It is correct that we had a problem with the Adobe products, as has happened before. This should now be solved.

Hope this helps.
Was this reply relevant?
+0
-0
cyberquotient RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Member 24th Feb, 2010 10:09
Score: 0
Posts: 11
User Since: 24th Feb 2010
System Score: N/A
Location: US
OK, the detection is the same for both OSI and PSI. I've narrowed the problem to only occuring for installs that used a 9.3.0 .msi that's been slipstreamed with the 9.3.1 .msp patch. Apparently that type of installation does not create some file or registry value that OSi and PSI use to confirm the 9.3.1 update.
Was this reply relevant?
+0
-0
This user no longer exists RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Member 24th Feb, 2010 10:24
Hi,

When updating, please use the links we provide (If any). We test our rules based on those files, and other files may or may not update the version info we rely on.

Hope this helps.
Was this reply relevant?
+0
-0

cyberquotient

RE: OSI still reporting Adobe Reader 9.3.1 as insecure
[+]
This reply has been minimised due to a negative Relevancy Score.
thedillpickl RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Contributor 25th Feb, 2010 03:02
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Hi cyberquotient;

Many people around the world use and enjoy the benefit of a more secure system for free thanks to Secunia. Adobe products do have a habit of being difficult to update. If you would care to download PSI and post back here I would be happy to help you.


Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+1
-0
jpaget RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Member 2nd Mar, 2010 12:46
Score: 0
Posts: 4
User Since: 2nd Mar 2010
System Score: N/A
Location: US
Last edited on 2nd Mar, 2010 12:48
I have the same results as cyberquotient on my PC at home:
1) OSI still flags Adobe Reader 9.3.1 as insecure.
2) It complains about c:\Program Files\Adobe\Reader 9.0\Reader AcroRd32.exe, which it says is the insecure version 9.3.0.148.
3) When I click on the link provided by OSI, it downloads the 9.3.1 patcher AdbeRdrUpd931_all_incr.msp. After I run this and rescan with the OSI, Adobe Reader still is flagged as insecure.
4) AcroForm.api is version 9.3.1.203 and plug_ins\authplay.dll is version 10.0.45.2, confirming that the patch was properly installed.
5) When I scan with PSI instead of OSI, it reports Adobe Reader as patched and as version 9.3.1.0. The instalation path is:
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
6) I haven't been able to find an Adobe Reader installer for 9.3.1; apparently you must first install 9.3.0 then apply the patch for 9.3.1.

I get the same results for 1-4 and 6 on my work computer. Both my home and work computers are running 32-bit Windows XP Pro with SP3 and Adobe Reader 9.3.1. At home I also have PSI 1.5.0.0 installed. Please fix the OSI; as much as I'd like to use the PSI on my computer at work, the license agreement forbids me from doing so.

-- Jim Paget, Los Angeles, California, USA
Was this reply relevant?
+0
-0
M.Hansen RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Secunia Official 2nd Mar, 2010 13:48
Score: 188
Posts: 410
User Since: 26th Jan 2009
System Score: N/A
Location: Copenhagen, DK
Hi

There was an error in the OSI causing it not to detect the correct version for Adobe Reader.
This has now been fixed.

We're sorry for the inconvenience.
jpaget RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Member 2nd Mar, 2010 16:06
Score: 0
Posts: 4
User Since: 2nd Mar 2010
System Score: N/A
Location: US
Last edited on 2nd Mar, 2010 16:07
M.Hansen,

Thanks! OSI now correctly reports Adobe Reader 9.3.1 as patched.

Secunia provides an invaluable service to the Windows user community and it is greatly appreciated.

-- Jim Paget
Was this reply relevant?
+0
-0
spcurmudgeon RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Member 10th Mar, 2010 00:14
Score: 0
Posts: 1
User Since: 10th Mar 2010
System Score: N/A
Location: US
Last edited on 10th Mar, 2010 00:15
As of March 10 I'm still seeing the problem referenced above. I've used the update file that OSI indicates, done both a hard and soft reboot. I've uninstalled Reader and then re-installed and patched as indicated in the OSI and rebooted, and I'm still seeing Reader flagged as insecure.

spc
Was this reply relevant?
+0
-0
Anthony Wells RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Expert Contributor 10th Mar, 2010 00:35
Score: 2414
Posts: 3,310
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 10th Mar, 2010 00:36

@spc

You are not the only one ; see this thread :-

http://secunia.com/community/forum/thread/show/371...

You need to wait for Secunia to recheck their rules .

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
cyberquotient RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Member 10th Mar, 2010 01:23
Score: 0
Posts: 11
User Since: 24th Feb 2010
System Score: N/A
Location: US
They're most likely looking at the wrong file when testing for version 9.3.1.203. They should be looking at Acroform.api.
Was this reply relevant?
+0
-0
renman RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Member 10th Mar, 2010 04:37
Score: 1
Posts: 18
User Since: 6th Oct 2009
System Score: N/A
Location: US
Last edited on 10th Mar, 2010 05:47
"Add/Remove programs" in XP Pro SP2 reports 9.3.1

Belarc Advisor reports Adobe Acrobat Version 9.3.0.148

This is March 9, 2010, 10:32 EST.

I think something like this happened once before and while the program was actually updated, the update failed to remove an older file.

In any case, this proves that OSI and PSI are looking at different things to make their determination. Whether they use the same database is irrelevant; the point is that the results are different, and one of them is wrong.

I think the IE & FF plug-ins are not updated.

File version of AcroRd32.exe, AFTER update is 9.3.0.148
Was this reply relevant?
+0
-0
M.Hansen RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Secunia Official 10th Mar, 2010 14:42
Score: 188
Posts: 410
User Since: 26th Jan 2009
System Score: N/A
Location: Copenhagen, DK
Hi

We have done some minor changes to avoid the OSI not detecting the correct version of Adobe Reader 9.3.1.

The issue should have been fixed.
renman RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Member 10th Mar, 2010 14:46
Score: 1
Posts: 18
User Since: 6th Oct 2009
System Score: N/A
Location: US
As of now, OSI no longer shows Adobe Reader as insecure.
Was this reply relevant?
+0
-0
jpaget RE: OSI still reporting Adobe Reader 9.3.1 as insecure
Member 10th Mar, 2010 22:33
Score: 0
Posts: 4
User Since: 2nd Mar 2010
System Score: N/A
Location: US
Confirmed. OSI is once again correctly reporting Adobe Reader 9.3.1 as patched.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability