Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Misidentification of version?

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
IBM
And, this specific program:
ThinkVantage System Update 3.x

This thread has been marked as resolved.
Devil505 Misidentification of version?
Member 8th May, 2010 23:05
Ranking: 0
Posts: 8
User Since: 8th May, 2010
System Score: N/A
Location: DE
As of a couple of days ago PSI seems to misidentify the version of the installed TVSU - the "About" states the (most recent for Win XP) version 3.14.0024, Build date: 2009-6-12, while PSI insists it's 3.0.23.0 - until these couple of days ago there was no alert and the installation of TVSU is unchanged for several month now - curiously enough the "add or remove software"-database of XP gives a completely different version number clicking on "additional support information": 3.14.0017...

Post "RE: Misidentification of version?" has been selected as an answer.
Maurice Joyce RE: Misidentification of version?
Handling Contributor 9th May, 2010 01:14
Score: 11312
Posts: 8,726
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Uninstall PSI & then reinstall - does that solve the problem? If not what is the path to the vulnerability?

FINDING A VULNERABILITY FILE PATH
=================================

To locate the exact file that the Secunia PSI has detected, use or switch to the ADVANCED interface, then :

1 Click on the + sign of the programme to "expand' it.
2 Click on Technical Details in the Toolbox to see the installation path of the detected file. (Copy (CTRL+C) & paste (CTRL+V) the Installation Path of the file back to the Forum if U are unsure what to do next.

Revision 2

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-1
cb5264 RE: Misidentification of version?
Member 9th May, 2010 20:46
Score: -1
Posts: 2
User Since: 3rd Jan 2009
System Score: 100%
Location: AT
Same Problem here. Reinstalled PSI, reinstalled System Update, Problem persists

Installed Version: 4.00.0024
Detected Version: 3.0.23.0

Path: C:\Program Files (x86)\Lenovo\System Update\Tvsukernel.exe
Secunia Advisory (English): SA30379
Was this reply relevant?
+0
-1
Devil505 RE: Misidentification of version?
Member 9th May, 2010 22:57
Score: 0
Posts: 8
User Since: 8th May 2010
System Score: N/A
Location: DE
Reinstalled PSI and new full system scan getting the same result as before:

ThinkVantage System Update 3.x
This installation of ThinkVantage System Update 3.x is insecure and potentially exposes your system to security threats!
Secunia strongly recommends that you update this program by installing the update that is provided by the vendor of this program.
Installation Path
C:\Program Files\Lenovo\System Update\Tvsukernel.exe Solution from Secunia advisory (English) (SA30379)
Update to version 3.14.


As to the re-installation of PSI (uninstall of PSI via XP' "remove software" and THEN full new install): after the new install and (as far as I can tell) before any new scan it seemed still use the database of the previous installation - is it possible that whatever data the previous instance of PSI saved anywhere wasn't cleaned by the uninstall?

Whatever: without knowing the algorithms PSI uses for identification I'd WAG on a signature problem...

What's weird there is that until a couple of days ago everything was "fine" - possibly the state of the older version of TVSU was just recently changed to a security threat?
Was this reply relevant?
+0
-1
cb5264 RE: Misidentification of version?
Member 9th May, 2010 23:12
Score: -1
Posts: 2
User Since: 3rd Jan 2009
System Score: 100%
Location: AT
on 9th May, 2010 22:57, Devil505 wrote:
Whatever: without knowing the algorithms PSI uses for identification I'd WAG on a signature problem...


I would say that PSI tries to determine the version of various binaries or libraries - and that the problem might be rooted there. As there might be a problem with the old version...
Was this reply relevant?
+0
-0
mogs RE: Misidentification of version?
Expert Contributor 9th May, 2010 23:17
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Can't help you in any other way....but I do remember Emil ( Secunia Official); stating, fairly recently, that Secunia does'nt " memorize. It scans as is. Regards.

--
Was this reply relevant?
+0
-0
Maurice Joyce RE: Misidentification of version?
Handling Contributor 9th May, 2010 23:42
Score: 11312
Posts: 8,726
User Since: 4th Jan 2009
System Score: N/A
Location: UK
How & what PSI does is here:

http://secunia.com/vulnerability_scanning/personal...

It does not store any personal records.

Clearly the uninstall/reinstall has not cured the issue. It was a long shot in that it has corrected numerous other issues for people on the Forum after a Secunia server "wobbly".

Does this site help? It has different version numbers to that U have given.

http://www-307.ibm.com/pc/support/site.wss/LENV-DI...







--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
This user no longer exists RE: Misidentification of version?
Member 10th May, 2010 08:42
Hi,

Could one of the people having this problem follow this procedure?
1) Verify you have version 3.14 installed. Look in the "about" tab in the program. Please do not submit a suggestion if it says anything but "3.14"
2) Verify there is only one version installed - eg. not one in the patched tab, and one in Insecure.
3) Submit a software suggestion of the file "Tvsukernel.exe", putting in the comment field "Attn: Emil 3.14"

I will then be able to correct our version rules.
Was this reply relevant?
+0
-0
emmjay200 RE: Misidentification of version?
Member 10th May, 2010 15:44
Score: 2
Posts: 5
User Since: 24th Dec 2009
System Score: N/A
Location: CA
Version 3.14 is the latest XP and Vista Version. This version is not supported under Win 7. Users with Win7 must have Version 4.

If PSI can be changed to recognize this difference then all will be well.

I have a Win7 laptop and have version 4 installed. PSI seems to think that I have V3.0 installed.

--
MJ
Was this reply relevant?
+0
-0
pnickerson RE: Misidentification of version?
Member 11th May, 2010 07:21
Score: 7
Posts: 6
User Since: 11th May 2010
System Score: N/A
Location: US
on 10th May, 2010 08:42, wrote:
Hi,
Could one of the people having this problem follow this procedure?
1) Verify you have version 3.14 installed. Look in the "about" tab in the program. Please do not submit a suggestion if it says anything but "3.14"
2) Verify there is only one version installed - eg. not one in the patched tab, and one in Insecure.
3) Submit a software suggestion of the file "Tvsukernel.exe", putting in the comment field "Attn: Emil 3.14"
I will then be able to correct our version rules.
1) Yup. Well, it says "Version: 3.14.0024, Build date: 2009-6-12". I downloaded and reinstalled it today, and saw that it removed and replaced the file in question during the process.
2) Yup, it's only in the Insecure tab, not in any other.
3) OK, did it. BTW, the file property details tab says the file version and product version are both 3.0.23.0, and the date modified is 6/12/2009 10:55 AM.
Was this reply relevant?
+0
-0
This user no longer exists RE: Misidentification of version?
Member 11th May, 2010 09:05
Hi,

As you already noticed, the version info for the file that was submitted was not correct. It therefore cannot the used as the base of a rule. Could anyone here try to find a file that has a version field containing "3.14", and suggest it like suggestion before with "Attn: Emil" in the comment field?

Please be sure to write which program a suggested file belongs to. The more suggestions the better, I'll post back here once a suitable file has been found.

Now, the file should belong to ThinkVantage System Upgrade, and hovering your mouse over the file should show a "version" field at least starting with "3.14". If this criteria is met, please suggest the file.
Was this reply relevant?
+0
-0
pnickerson RE: Misidentification of version?
Member 11th May, 2010 23:00
Score: 7
Posts: 6
User Since: 11th May 2010
System Score: N/A
Location: US
On my computer, the Start Menu shortcut for Lenovo Care System Update points to "C:\Program Files\Lenovo\System Update\tvsu.exe". This file has no version info. It does have a date modified field of "6/12/2009 10:55 AM".

I added "Product version", "File version", and "Version" columns to my Windows Explorer, and checked all the sub folders under \System Update\ and that folder itself, and not a single file has a version starting with or containing 3.14. The versions I do see include 0.0.*, 1.0.*, 3.0.*, 4.32.*, and 6.0.*.

Should we upload the tvsu.exe file to you?
Was this reply relevant?
+0
-0
Ernst01 RE: Misidentification of version?
Member 11th May, 2010 23:42
Score: 0
Posts: 3
User Since: 11th May 2010
System Score: 95%
Location: DE
Last edited on 11th May, 2010 23:50
on 10th May, 2010 15:44, emmjay200 wrote:
Version 3.14 is the latest XP and Vista Version. This version is not supported under Win 7. Users with Win7 must have Version 4.

If PSI can be changed to recognize this difference then all will be well.

I have a Win7 laptop and have version 4 installed. PSI seems to think that I have V3.0 installed.


Attn: Emil

I agree to the quoted staement above and I'd like to add:
For Windows 7 PSI erronously refers to Thinkvantage System Update Version 3.x in reporting it as insecure. In fact Version 3.x is not installed but the current Version 4.x.
The directory ...\Program Files\Lenovo\System Update\
contains the following two files (amongst some others):
tvsu.exe Version 4.0.0.1 and Tvsukernel.exe Version 3.0.23.0
I'd suggest that for Windows 7 PSI look at the former instead of the latter in order to determine the installed Version of Thinkvantage System Update.



--
Have a nice day
Ernst
Lenovo A58 Windows7 Professional 32bit
Was this reply relevant?
+0
-0
This user no longer exists RE: Misidentification of version?
Member 12th May, 2010 09:11
on 11th May, 2010 23:00, pnickerson wrote:

I added "Product version", "File version", and "Version" columns to my Windows Explorer, and checked all the sub folders under \System Update\ and that folder itself, and not a single file has a version starting with or containing 3.14. The versions I do see include 0.0.*, 1.0.*, 3.0.*, 4.32.*, and 6.0.*.


Hi,
Please suggest the file with the info of "4.32".

on 11th May, 2010 23:42, Ernst01 wrote:

contains the following two files (amongst some others):
tvsu.exe Version 4.0.0.1 and Tvsukernel.exe Version 3.0.23.0
I'd suggest that for Windows 7 PSI look at the former instead of the latter in order to determine the installed Version of Thinkvantage System Update.


If the files tvsu.exe has meaningful version information, please suggest it, clearly stating which version of the program you have, and commenting it "Attn: Emil". I'll then ensure we have proper detection.
Was this reply relevant?
+0
-0
khstroem RE: Misidentification of version?
Member 12th May, 2010 10:43
Score: 0
Posts: 2
User Since: 4th Apr 2009
System Score: N/A
Location: DK
Last edited on 12th May, 2010 12:47
Hello Emil

I'm experiencing the same problem on a Windows 7 x 64 bit on a Lenovo T61. If you like, you're welcome to contact me and we can set up a session where you can have direct access to my desktop.

Rgds, Knud Henrik StrÝmming
Was this reply relevant?
+0
-0
pnickerson RE: Misidentification of version?
Member 12th May, 2010 20:59
Score: 7
Posts: 6
User Since: 11th May 2010
System Score: N/A
Location: US
on 12th May, 2010 09:11, wrote:
Please suggest the file with the info of "4.32".
Oh, woops. I took another look at the file that has that version, and it's called "7za.exe". It's a redistribution of the 7-Zip Standalone Console Version decompresser; it was not produced by Lenovo.

There is a file in the \System Update\ directory called "SystemUpdate314.txt" that I just noticed. It has no version info in the details tab, but the file name seems to speak for that. The text file contains README info, including a line that says "Version 3.14.0006" (even though the program's Help > About window still says 3.14.0024). Would it be worthwhile to upload that file to you?

The files that are version 6.0.* seem to be from Lenovo. Apparently they're "System Information Detectors". Let me know if you want those instead.

BTW, I tried installing version 4 of ThinkVantage System Update from Lenovo's website, but the installer stopped before it installed anything, saying it was for Windows 7 only. I have Vista.
Was this reply relevant?
+0
-0
Ernst01 RE: Misidentification of version?
Member 13th May, 2010 10:20
Score: 0
Posts: 3
User Since: 11th May 2010
System Score: 95%
Location: DE
Last edited on 13th May, 2010 10:27
Attn: Emil
on 12th May, 2010 09:11, wrote:
Hi,

If the files tvsu.exe has meaningful version information, please suggest it, clearly stating which version of the program you have, and commenting it "Attn: Emil". I'll then ensure we have proper detection.


tvsu.exe file version is 4.0.0.1
My suggestion is to use the above file for identifying the current version of Lenovo System Update under Windows 7.
The current version (Windows 7 Professional 32-bit) of Lenovo System Update program is version 4.00.0007

Regards
Ernst

--
Have a nice day
Ernst
Lenovo A58 Windows7 Professional 32bit
Was this reply relevant?
+0
-0

billycart01

Delete all
[+]
This reply has been minimised due to a negative Relevancy Score.

billycart01

RE: Misidentification of version?
[+]
This reply has been minimised due to a negative Relevancy Score.

billycart01

RE: Misidentification of version?
[+]
This reply has been minimised due to a negative Relevancy Score.
This user no longer exists RE: Misidentification of version?
Member 14th May, 2010 08:23
Hi,


If you rescan now, you should hopefully all be shown as Secure. Is this the case?
Was this reply relevant?
+0
-0
Ernst01 RE: Misidentification of version?
Member 14th May, 2010 11:29
Score: 0
Posts: 3
User Since: 11th May 2010
System Score: 95%
Location: DE
Last edited on 14th May, 2010 12:09
Attn: Emil
Most recent scan reveals: My problem has been solved!
Under Windows 7 Professional 32bit PSI now reports ThinkVantage System Update 4.x as current.It does not refer to 3.x any more.
Thanks very much for your help.

--
Have a nice day
Ernst
Lenovo A58 Windows7 Professional 32bit
Was this reply relevant?
+0
-0
khstroem RE: Misidentification of version?
Member 14th May, 2010 12:40
Score: 0
Posts: 2
User Since: 4th Apr 2009
System Score: N/A
Location: DK
Also OK with Windows 7 Enterprise 64-bit.
Was this reply relevant?
+0
-0
rougena RE: Misidentification of version?
Member 14th May, 2010 18:09
Score: 2
Posts: 20
User Since: 13th Jan 2009
System Score: N/A
Location: N/A
Hi Emil,

Glad to learn that under Win 7 the issue is solved (as testified by some of the subscribers), but -- for WinXP-SP3 -- it is still there (even after rescanning the item).

The Help | About field says 3.14, the specific module on which PSI performs the check is 3.23 (as mentioned by several contributors before me), and PSI still finds it in the wrong (suggesting an -- unavailable -- update/upgrade from the Vendor's Web site).

Kindly keep in mind (when sorting out the rules) that this is the last and most up-to-date version for WinXP; version 4.x is for Win7 only!

Thanks,

Rougena
Was this reply relevant?
+0
-0
pnickerson RE: Misidentification of version?
Member 14th May, 2010 18:11
Score: 7
Posts: 6
User Since: 11th May 2010
System Score: N/A
Location: US
Last edited on 14th May, 2010 18:12
On Windows Vista 32bit, scan is not picking up ThinkVantage System Update at all any more, not even in the Patched tab. I guess the program version can't be reliably detected if Lenovo doesn't put the correct program version info into their files' metadata.

Edit: I have TVSU 3.14.0024 installed.
Was this reply relevant?
+0
-0
Devil505 RE: Misidentification of version?
Member 15th May, 2010 04:59
Score: 0
Posts: 8
User Since: 8th May 2010
System Score: N/A
Location: DE
Same here - WinXP 32bit version doesn't seem to appear in any list (including "patched") anymore - I had unpacked the install-set from the Lenovo web-site using 7z but none of the files seem to have any kind of reliable version info indicating 3.14.0024, except maybe the file (/ creation) date of some of the files (2009-06-12) - one thing seems for sure: the version info of the "about" box does refer to some different (re)source - a pity Lenovo didn't take care to provide this regular version info ressource, but I tend to believe it's an oversight, not singular probably but rare...
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability