navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: superantispyware

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
bonalymac superantispyware
Member 18th May, 2010 12:58
Ranking: 0
Posts: 1
User Since: 20th Aug, 2009
System Score: N/A
Location: UK
I've just read the two existing threads on this product.

I've also upgraded SAS to beyond the version quoted as potentially being an issue. PSI still reports this prog as insecure.

As far as I can see, the owner of SAS says this is a false positive, but Secunia either have ignored this or do not accept it.

Could we have some feedback from Secunia now to confirm whteher in their opinion this is in fact an issue, or is it a false positive?

Thanks

Colin

Anthony Wells RE: superantispyware
Expert Contributor 18th May, 2010 16:33
Score: 2463
Posts: 3,348
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 18th May, 2010 16:37
Hello Colin .

Are you using PSI in "advanced" mode ?? If not , select tte "option" top right of any PSI page .

If so , where is PSI showing your version of SAS ; I have version 4.37.0.1000 reported in the "patched" - this is the latest version .

Do you have this (or possibly an earlier but still secure) version displayed in the "patched" tab .

If you have an earlier version displayed in the "insecure tab" , what is the version number and where is it installed :ie: the "installation path" ??

If you click the [+] next to the/a "problem" programme it will expand and give you more information to help trace things ; if you cannot fix it yourself , post all the details back here .

Let us know how you go anyway .

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+2
-0
colmac909 RE: superantispyware
Member 18th May, 2010 19:11
Score: 0
Posts: 3
User Since: 27th Aug 2009
System Score: N/A
Location: UK
Hi and thanks for the feedback and so promptly.

I had 4.37, but I had managed to get it as well as 4.32, so the old "alegedly insecure" version was still there.

So the latest version is passed by PSI.

Thanks

--
*****************
Colin Mac
Scotland
*****************
Was this reply relevant?
+0
-0
Anthony Wells RE: superantispyware
Expert Contributor 18th May, 2010 20:50
Score: 2463
Posts: 3,348
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hello Colin aka Colin Mac ,

PSi shows the latest "secure" version in PSI "patched" tab plus later bug fixes etc. versions , if you update your programme for them ; it checks for the "latest" patched version and even if there is an insecurity in that programme - because there is not a patch available - it goes in the "patched " tab :ie: you have done all you can .

The Advisory 38917 for SAS says that there is a partial fix by updating to version 4.34.1000 has has not been amended since ; whether that version and those in between up to 4.37.1000 would/should show in "patched" or "insecure" , I could not say .

A Secunia secret , but in this case I would always go for the most recent SAS version , to err on the side safety , one hopes .

Take care of your multiple personalities .

Anthony




--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+