Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Secunia Advisory SA38791 false positive?

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
davisj Secunia Advisory SA38791 false positive?
Member 11th Mar, 2010 19:32
Ranking: -9
Posts: 19
User Since: 30th May, 2009
System Score: N/A
Location: UK
PSI reports Vista insecure and the Secunia Advisory SA38791 in technical details refers to MS Movie Maker. The related MS bulletin is MS010-016 which provides a download for Vista that is not offered by MS Update - KB975561. The patch was released on 3/8/2010. When I try to install the patch MS reports that it does not apply to my system.

Does anyone know if this is a false positive or has MS Update not caught up with the problem yet?

Dell Inspiron 530
Vista Home Premium
AV Free anti-virus

bjm__ RE: Secunia Advisory SA38791 false positive?
Member 11th Mar, 2010 19:50
Score: 64
Posts: 374
User Since: 9th Mar 2009
System Score: 100%
Location: US
Last edited on 11th Mar, 2010 19:53
Hello
Do you have Movie Maker 6.0 or 2.6
I'll presume u have reviewed > http://www.microsoft.com/technet/security/bulletin...
Do you have > Windows Live Movie Maker, which is available for Windows Vista and is not affected by this vulnerability.
re> When I try to install the patch MS reports that it does not apply to my system.
Respectfully ~ do you have the affected software on your system?

bjm-
Was this reply relevant?
+5
-0
davisj RE: Secunia Advisory SA38791 false positive?
Member 11th Mar, 2010 20:09
Score: -9
Posts: 19
User Since: 30th May 2009
System Score: N/A
Location: UK
Hi bjm

The version shown is Windows Movie Maker 6.0.6002.18005 from the help menu. I assume that this is not the Windows Live version - how do I tell?
Was this reply relevant?
+0
-0
ddmarshall RE: Secunia Advisory SA38791 false positive?
Dedicated Contributor 11th Mar, 2010 20:09
Score: 1198
Posts: 953
User Since: 8th Nov 2008
System Score: 98%
Location: UK
It was installed by Automatic Update on my Vista Home Premium SP2 on 9th March. Only Live Mail and Photo Gallery Installed.

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+0
-0
bjm__ RE: Secunia Advisory SA38791 false positive?
Member 11th Mar, 2010 20:47
Score: 64
Posts: 374
User Since: 9th Mar 2009
System Score: 100%
Location: US
Last edited on 11th Mar, 2010 20:52
Hi davisj
I have the same ~ Windows Movie Maker 6.0.6002.18005
Update for Windows Movie Maker 6.0.6002.18005 was installed via Windows Update on M$ Download Tuesday.
What happens when you run "check for updates" via Windows Update
What happens when you run "check for updates" via Windows Update
What happens when you click Movie Maker 6.0 for Windows Vista @ http://www.microsoft.com/technet/security/bulletin...
Do you open > Security Update for Movie Maker 6.0 for Windows Vista (KB975561)
http://www.microsoft.com/downloads/details.aspx?fa...

bjm-
Was this reply relevant?
+0
-0
davisj RE: Secunia Advisory SA38791 false positive?
Member 13th Mar, 2010 18:01
Score: -9
Posts: 19
User Since: 30th May 2009
System Score: N/A
Location: UK
Hi bjm

MS Update doesn't offer me KB975561 no matter how many times I try it. If I follow the links you suggest the download reports that the update does not apply to my system. So at least MS is consistent!.

[b]Programs and Features[/] doesn't display any security updates for Vista at all although [b]Update History[b/] shows many installed. I assume this is a problem with my system? Similarly, clicking [b]Windows Features[b/] just shows a blank window. I have posts out on other forums about the [b]Programs and Features [b/] issue.

I've not had problems before in applying security updates for Vista. So my thinking is that the explanation is one of the following in order of likelihood:
1. There is a fault with MS Update on my system that is preventing the need for the patch being detected.
2. The patch is genuine but hasn't yet come round to me - I don't know if this is possible.
2. A PSI false positive.

What do you think - any ideas gratefully accepted as I'm getting a bit desperate.
Was this reply relevant?
+0
-0
davisj RE: Secunia Advisory SA38791 false positive?
Member 13th Mar, 2010 18:02
Score: -9
Posts: 19
User Since: 30th May 2009
System Score: N/A
Location: UK
Hi ddmarshall

Still no luck for me via MS Update - see my post to bjm above.
Was this reply relevant?
+0
-0

davisj

RE: Secunia Advisory SA38791 false positive?
[+]
This reply has been minimised due to a negative Relevancy Score.
bjm__ RE: Secunia Advisory SA38791 false positive?
Member 13th Mar, 2010 18:30
Score: 64
Posts: 374
User Since: 9th Mar 2009
System Score: 100%
Location: US
Last edited on 13th Mar, 2010 18:40
Hi davisj
Sorry to hear your issue is not resolved....Not a false/positive IMO
http://social.answers.microsoft.com/Forums/en-US/v...
http://www.microsoft.com/security/updates/bulletin...
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338.

Did you receive any March M$ Download Tuesday Updates.
KB973917 Update for Windows Vista
KB 890830 Windows Malicious Software Removal Tool
KB 975561 Movie Maker 6.0

What does View Update History display.
What is the latest Windows Defender update you view via Update History.

You may post your issue here.
Windows Forum > http://windows.microsoft.com/en-us/windows/help/co...
>http://www.microsoft.com/communities/default.mspx

Since KB 975561 is a Security Update > Try calling M$ @ 866-PCSafety.
M$ offers free support for (some) Security related issues.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338.

bjm-
Was this reply relevant?
+0
-0
ddmarshall RE: Secunia Advisory SA38791 false positive?
Dedicated Contributor 13th Mar, 2010 21:27
Score: 1198
Posts: 953
User Since: 8th Nov 2008
System Score: 98%
Location: UK
Last edited on 13th Mar, 2010 22:24
There's another poster having problems with this update

http://secunia.com/community/forum/thread/show/375...

He has a French OS. I'm assuming you got your system in the UK.

Do you have a 64bit system? In that case you need this download:

http://www.microsoft.com/downloads/details.aspx?fa...

The features window can take a long time to fill up.

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+0
-0
bjm__ RE: Secunia Advisory SA38791 false positive?
Member 13th Mar, 2010 22:47
Score: 64
Posts: 374
User Since: 9th Mar 2009
System Score: 100%
Location: US
Last edited on 13th Mar, 2010 22:56
thanks ddmarshall....davisj may have 64bit....I should have asked....thanks

this link offers Update for all 32/64 bit

http://www.microsoft.com/technet/security/bulletin...

Vista x86 or Vista x64

bjm-
Was this reply relevant?
+0
-0
Aprazeth RE: Secunia Advisory SA38791 false positive?
Member 20th Mar, 2010 10:52
Score: 0
Posts: 4
User Since: 20th Mar 2010
System Score: N/A
Location: NL
As a thought to finding the cause;

What might be an idea is to try installing the patch again - and then review your Event logs (I believe the Application set) to see if it logs anything relevant information in there (error opening files etc.)
Was this reply relevant?
+0
-0
bjm__ RE: Secunia Advisory SA38791 false positive?
Member 20th Mar, 2010 17:45
Score: 64
Posts: 374
User Since: 9th Mar 2009
System Score: 100%
Location: US
@ davisj
Please update your status...
Have you contacted Microsoft Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. I'm sure M$ Support will resolve issue...and it's free for Security Issues.

Cheers
bjm-
Was this reply relevant?
+0
-0
davisj01 RE: Secunia Advisory SA38791 false positive?
Member 21st Mar, 2010 18:26
Score: 0
Posts: 4
User Since: 26th Aug 2009
System Score: N/A
Location: N/A
Hi bjm

I'm in the UK so have used international contact point with Microsoft. I have logged a security incident with M$ and am awaiting a response. I will post as soon as I hear anything.
Was this reply relevant?
+0
-0
bjm__ RE: Secunia Advisory SA38791 false positive?
Member 21st Mar, 2010 20:44
Score: 64
Posts: 374
User Since: 9th Mar 2009
System Score: 100%
Location: US
Last edited on 21st Mar, 2010 20:47
Hi davisj / davisj01
My oversight as to your location.
Your posts @ davisj do indeed display UK.
System Score: N/A
Location: UK

Your last post @ davisj01 does not display location.
System Score: N/A
Location: N/A

Maybe you have two profiles or davisj & davisj01 are not the same user?
Is this the contact site for UK ?
http://www.microsoft.com/worldwide/phone/contact.a...

thanks for update...
bjm-

Was this reply relevant?
+0
-0
This user no longer exists RE: Secunia Advisory SA38791 false positive?
Member 22nd Mar, 2010 08:55
Hi,

Some Microsoft Update require that you reboot, and install them over several "turns", if you will.
Please try rebooting, rescanning, and re-downloading the solution. If you still show as insecure (after a patch was installed), you may need to reboot again.

hope this helps.
Was this reply relevant?
+0
-0
davisj RE: Secunia Advisory SA38791 false positive?
Member 22nd Mar, 2010 15:22
Score: -9
Posts: 19
User Since: 30th May 2009
System Score: N/A
Location: UK
Hi bjm

davsj and davisj01 are one and the same. One of the posts suggested that I re-install PSI to try to resolve the problem and I did so with a different profile. Sorry about the confusion, I'll stick to davisj from now on.

The link you gave for the UK is correct.

I am in touch with M$ on the issue by email. They have responded predictably effectively stating that if Windows Update says my system is up to date, it is. I have responded by referring them to the relevant security bulletin together with screenshots and the Windows Update log. I'll post when I receive more news. To give them their due M$ have been prompt on this one.

I am beginning to suspect that there is something amiss with my Windows Update installation.
Was this reply relevant?
+0
-0
davisj RE: Secunia Advisory SA38791 false positive?
Member 22nd Mar, 2010 15:29
Score: -9
Posts: 19
User Since: 30th May 2009
System Score: N/A
Location: UK
Last edited on 22nd Mar, 2010 15:30
Hi E. Petersen

The problem is that I am never presented with KB977165 via Windows Update no matter how many times I run it. And the download available on M$ Downlaod Centre does not apply to my system.

I am in touch with M$ Support on the issue - see my post to bjm above. Hope to have some further news soon.
Was this reply relevant?
+0
-0
TerryGH RE: Secunia Advisory SA38791 false positive?
Member 22nd Mar, 2010 16:32
Score: 0
Posts: 1
User Since: 22nd Mar 2010
System Score: N/A
Location: US
FWIW ... I also received the same notice for my XP Pro SP3 machine when I booted up this am, but MS update site showed all critical updates were installed.

Per another note I read here, I re-ran the PSI rescan and it came back showing no problems.

TGH
Was this reply relevant?
+0
-0
davisj RE: Secunia Advisory SA38791 false positive?
Member 22nd Mar, 2010 17:08
Score: -9
Posts: 19
User Since: 30th May 2009
System Score: N/A
Location: UK
Hi TerryGH

FIXED AT LAST. I had run the PSI scan several times without any luck. When I read your post I thought I'd give it another go without much hope, while I had a cup of tea (yes it's true what they say about us Brits!). Lo and behold, when I got back to mission control PSI was 100%. Thanks a bunch!
Was this reply relevant?
+0
-0
bjm__ RE: Secunia Advisory SA38791 false positive?
Member 22nd Mar, 2010 17:58
Score: 64
Posts: 374
User Since: 9th Mar 2009
System Score: 100%
Location: US
Last edited on 22nd Mar, 2010 18:00
Hi davisj
Fixed At Last
re > The problem is that I am never presented with KB977165 via Windows Update no matter how many times I run it. And the download available on M$ Downlaod Centre does not apply to my system.
------------------------------------------
So, does your Windows Update History show KB977165 as Installed...might it have been installed all along? (explaining why you were never presented with KB977165) Requiring reboot(s) to finalize installation...and PSI rescans to acknowledge....as Secunia ~ E. Peterson advised.

Well, Happy to hear...Fixed At Last
Cheers
bjm-

Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability