Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: So disappointed...

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
msacks_us So disappointed...
Member 27th Feb, 2010 22:41
Ranking: 0
Posts: 2
User Since: 27th Feb, 2010
System Score: N/A
Location: US
Secunia PSI used to be a great program, but alas it's becoming just another piece of software that no longer functions properly. Before anyone says oh just follow the instructions in post 'x', or did you reboot, or did you .... the answer is yes, I did.

As of today, I have the following issues:

1. Adobe Flash Player 10.x
===================
Secunia is detecting version 10.0.42.34(NPAPI) as insecure. I downloaded an ran the Adobe uninstaller, and rebooted. The stupid issue here is that Secunia says the installation path is "C:\Windows\System32\Macromed\Flash\NPSWF32.dll". Hey Secunia, that path doesn't exist on my computer.

2. Adobe Flash Player 10.x
===================
Secunia is detecting version 10.0.42.34(NPAPI) as insecure. This time the path is "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll", now I'm sure no one will be surprised to learn that while that path exists, there are no files in the folder.

3. Adobe Reader 9.x
===================
Secunia is detecting version 9.3.0.148 as insecure. Hmmm, 9.3.0.148 is the latest version available. Best not to use it, Secunia thinks it's unsecure.

4. Mozilla Firefox 3.5.x
===================
Secunia is detecting version 3.5.7 as insecure. Hmmm again, I'm running the latest version available 3.6. Perhaps I should switch back to IE8, oh wait, Secunia tells me not to use IE8 on Window 7 64-bit OS as it's insecure, maybe I should get Google Chrome or just stop using web browsers.

Sorry to be a bit sarcastic here, but Secunia has really let their software quality drop. I see ton's of posts here in the forums from other users all with similar issues, and I never see a response from anyone from Secunia. Oh well, I can't complain too much, the software is free - I guess I'm getting what I paid for. :(

thedillpickl RE: So disappointed...
Contributor 28th Feb, 2010 04:07
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Last edited on 28th Feb, 2010 04:15
Hi msacks_us;

Sounds like your mind is made up, so I'll make this short.

Is Win7 new to you? It is to everybody else! RTM: July 22, 2009 http://en.wikipedia.org/wiki/Windows_7

I have seen several threads on this forum about the problems you report, some have fixes or at least reasons, some don't.

All browsers have vulnerabilities, Secunia just points out where, when, why and how.

Your the only one, my friend. Is it nice on your island?

Notwithstanding, the customer is always right.


regards;

Fred

p.s. E.Petersen, a Secunia Official, responds to threads often.

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
This user no longer exists RE: So disappointed...
Member 28th Feb, 2010 11:44
Last edited on 28th Feb, 2010 12:16 Welcome msacks_us

Win7 in not new to me so I will do my best to offer help where I can.

PSI rates Adobe Flash Player as only Moderately Critical (3 of 5)

(unknown source)
Adobe Flash Player 10.x
This installation of Adobe Flash Player 10.x was detected as being patched.

The Secunia PSI has not detected any missing security related patches for this program. No further actions are currently needed.

Installation Path
C:\Windows\System32\Macromed\Flash\Flash10e.ocx

Note: this path is not visible in Windows 7 as it is protected.

If I believed everything Secunia PSI rated as Moderately Critical or above I would not use a computer as all browsers have vulnerabilities and as long as you mainain Windows with the latest Microsoft Updates and Adobe Flash Player with its updates and as long as there is nothing in Insecure Programs I would not worry about it.



Was this reply relevant?
+0
-0
Anthony Wells RE: So disappointed...
Expert Contributor 28th Feb, 2010 12:37
Score: 2437
Posts: 3,324
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 28th Feb, 2010 12:46

@msacks_us

[quote=t3634]Secunia PSI used to be a great program, but alas it's becoming just another piece of software that no longer functions properly. Before anyone says oh just follow the instructions in post 'x', or did you reboot, or did you .... the answer is yes, I did.

As of today, I have the following issues:



3. Adobe Reader 9.x
===================
Secunia is detecting version 9.3.0.148 as insecure. Hmmm, 9.3.0.148 is the latest version available. Best not to use it, Secunia thinks it's unsecure.

4. Mozilla Firefox 3.5.x
===================
Secunia is detecting version 3.5.7 as insecure. Hmmm again, I'm running the latest version available 3.6. Perhaps I should switch back to IE8, oh wait, Secunia tells me not to use IE8 on Window 7 64-bit OS as it's insecure, maybe I should get Google Chrome or just stop using web browsers.END QUOTE ""

FWIW ; the up to date version of Adobe Reader 9.x is 9.3.1. ; yuor version as reported by PSI is "insecure" .

The up to date version of Mozilla Firefox 3.5.x is 3.5.8. ; your version is also "insecure" - try reading the relevant Secunia Advisories . If you have 3.6., where does PSI show 3.5.7. ?? is it a back up file ??

Secunia officials drop in when they have time to fix "real" problems .

The Win 7 problem of PSI detecting the correct 32 bit Adobe Flash Player files on a 64 bit OS has been brought up on other threads (if you take the time to look for them , first) and seems to involve all three parties ; I'll leave all that to Yokenny .

This advice is free from me ;) you chose whether to follow it .

Take care
Anthony


--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
skia7 RE: So disappointed...
Member 28th Feb, 2010 13:20
Score: 0
Posts: 18
User Since: 2nd Sep 2009
System Score: N/A
Location: NL
Secunia does it really well it seems.
have u considered the shadow files of these adobe and dll that dont exist unsed file extensions?
secunia only points things out i have an opinion it does it well.
what to do about the solution is your own decision.
maybe delete adobe?
Was this reply relevant?
+0
-0
skia7 RE: So disappointed...
Member 28th Feb, 2010 13:21
Score: 0
Posts: 18
User Since: 2nd Sep 2009
System Score: N/A
Location: NL
maybe mozilla IS insecure.
i use opera speed dial no worries.
Was this reply relevant?
+0
-0
thedillpickl RE: So disappointed...
Contributor 1st Mar, 2010 02:08
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
@YoKenny, not to grouse about it, but if I remember correctly you had a prerelease version of 7. The final version has only been out for seven months, that's new.


Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
msacks_us RE: So disappointed...and confused
Member 1st Mar, 2010 04:46
Score: 0
Posts: 2
User Since: 27th Feb 2010
System Score: N/A
Location: US
I've been searching for solutions to my issues on and off today without luck. I've performed numerous reboots, and checked the Adobe and Mozilla sites for patches I may have missed. The only one I found was a security patch for Adobe Reader, but even after I installed it, Secunia still indicated that Adobe Reader was insecure. Strangely enough when I got up this morning, one of the two issues with Adobe Flash Player 10.x had disappeard.

There is an interesting post here in the forums from another user who explained why Secunia was reporting the Adobe Flash Player in 2 location (
http://secunia.com/community/forum/thread/show/325...). Basically on a 64-bit system like mine, the OS tricks the application into thinking it has installed into a 32-bit location, even though the file truly only exists in one place. But, if Secunia found the one file and accepted it as valid, then both locations should be valid - after all, there is only the one file.

As to Firefox, that one's strange, even though I had version 3.6 installed, and a search on my HDD revealed only the single copy firefox.exe (exactly where Secunia said the insecure file was), Secunia insisted on telling me I had version 3.5.7 installed.

Now here's where things get really strange. My assumption is that the folks at Secunia just updated their database. I just re-scanned the 4 items I was having issues with, and now all of them are fine and my computer is back to a Secunia System Score of 100%. Ten minutes before I started posting this response, the issues were unresolved, but as I checked each of them while posting this they all cleared up.

Notes to some of the responders to my post:
================================
thedillpickl: It's quite nice on my island, thanks for asking. Learn how to detect sarcasim. Also, an OS that's been out as long as Win 7 is not new. BTW, do something about your horrendous signiture block. No one cares what kind (or how many) computers you have - and your thank you list doesn't belong in a signature block.

Anthony Wells: Thanks for pointing out that I missed the security patch. As to your comments "The up to date version of Mozilla Firefox 3.5.x is 3.5.8. ; your version is also "insecure" - try reading the relevant Secunia Advisories . If you have 3.6., where does PSI show 3.5.7. ?? is it a back up file ??" PSI show's you the "detected" version of the software when you expand the insecure item. As for more details on the Firefox issue (see above). As to your other unhelpfull comment "Secunia officials drop in when they have time to fix "real" problems .", having security tool like Secunia PSI tell me I have a vulnerabilty when I don't is a real problem - at least on the island I live on.

I stand by my original comments - I really like this software, and have recommended it to many colleagues, but it to me it seems like quality is slipping a bit.
Was this reply relevant?
+0
-0
thedillpickl RE: So disappointed...and confused
Contributor 1st Mar, 2010 07:08
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
J'ai voulu être hostile vers lui. Nous devrions plaindre, ne pas être fâchés. Convenez-vous ?

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
thedillpickl RE: So disappointed...and confused
Contributor 1st Mar, 2010 07:34
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Hi msacks_us;

I am pleased your problem is resolved.

The equipment list in my signature line was by request. I was told that it was unfair of me, to dispense help, with out others knowing what I was running. As it makes no difference to me, this can be removed.

The thank you was my way to recognize that many people volunteer both time & knowledge on the forum. This can be removed also.

Now that the pleasantries are over, you are rid of me.


Good day;

Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
Anthony Wells RE: So disappointed...and confused
Expert Contributor 1st Mar, 2010 13:28
Score: 2437
Posts: 3,324
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 1st Mar, 2010 13:57
Hi Fred ,

C'est vrai , but I guess some people don't know that Secunia don't work on PSI at the weekends ; nor that fiddling with Windoze can cause the system to reset itself , thus changing the PSI read out after a full re-scan ; nor that a reboot and/or cold start and/or full rescan is necessary with many products :eg: M$/Windoze updates , similar for Adobe stuff .

PSI reads what it sees without being judgemental , whether a "vulnerability" is a real "insecurity" depends , hence the need for human interpretation . You pay's your penny and you takes your choice .

That's why the Forum is what it is and always has been ; then again , helpful unassuming advice is also often rejected by some as too basic , to their eternal loss .

I mean't to ask , does an American reliance on obvious sarcasm (supposedly humourous) prevent you seeing the subtleties of English irony ?? T'would be a shame if that were the case , don't you think ??.

Enough badinage ,

Take care
Anthony

PS: So disappointed you no longer have a signature with your software detailed ; what will Yokenny think of you !!

PPS : I wonder if my tips for new posters would be considered helpful :-

To help resolve any problem , here are some instructions to help you first of all get the best out of PSI :-

1)use PSI in "advanced" mode ;
2)in the "settings" tab make sure that the box in the first/upper section is NOT ticked in order to have the maximum info available ;
3)tell us in which "tab(s)" your problem programme is located ;
4)in that tab , click on the + in the box at the left end of the programme , the page will expand ;
5)in the expanded page , tell us what is written in the "installation path" ;
6)in the "toolbox" section , lower down , the link "technical details" should confirm the installation path details ;
7)click on the link "open folder" and you will see more details concerning the location of the "problem" .

Posting these details will help the Forum help you , if/when you have a problem .

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
thedillpickl RE: So disappointed...
Contributor 1st Mar, 2010 14:48
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Well, I lied, you are not rid of me yet. My apologizes, but it would be rude not to answer my friend. Don't worry this will be brief, I'm off to work.

The signature line thing always felt a bit off for my personality anyhow. I find it a little ostentatious to proclaim to the world 'I have such & such, you don't'. As you know, I do tend to resist change, so once I listed my machines (by request)...

The thank you & other things tagged on after that do reflect my personality. I'm certain the quote at the end of your posts is much the same.

I try not to be critical of others, but am prone to that end. It is a failing of mine. Sometimes this comes out as sarcasm which I try to make palatable by adding humor. Perhaps I should rethink this also. Negative emotion + humor = ???

Oddly enough I do see the irony in all this. msacks_us appears to be very knowledgeable and articulate, he would be of great help on the forum.

I'll end now, late for work & I feel the criticalness creeping back up.


Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability