Relating to this vendor:
And, this specific program:
Microsoft Visual C++ 2008 Redistributable Package
|Minkus||Microsoft Visual C++ 2008 Redistributable Package 9.0.21022.218 showing as 'Vulnerable' when it is not|
|12th Aug, 2010 14:13|
User Since: 27th Jul, 2010
System Score: N/A
I am receiving the following error on Secunia PSI:
Microsoft Visual C++ 2008 Redistributable Package 9.0.21022.218
This installation of Microsoft Visual C++ 2008 Redistributable Package is insecure and potentially exposes your system to security threats!
Installation Path: C:\Program Files (x86)\Common Files\Microsoft Shared\VC\msdia90.dll
The 'fix' section sends me to the following site:
which contains 'Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package ATL Security Update'.
However on installing this package, the issue remains. I have all the latest Windows Updates installed.
Having done some investigation, I believe that this may be because there are *two* VS 2008 updates available for MS09-035 - KB973551 and KB973552. The first is for Visual Studio 2008 RTM, and the second is for Visual Studio 2008 SP1. According to KB973551, the file version I have installed is secure (msdia90.dll 9.0.21022.218 668,992 12-Jul-2009 0:5
|This user no longer exists||RE: Microsoft Visual C++ 2008 Redistributable Package 9.0.21022.218 showing as 'Vulnerable' when it is not|
|12th Aug, 2010 14:40|
Most Microsoft updates don't "kick in" (Including changes in version numbers) before a reboot. Therefore, the best procedure when having problems with Microsoft Updates is to:
1) Install all available patches from Microsoft Update (click the solution button in the PSI)
3) If any patches were installed, check Microsoft update again.
4) If any patches was installed this time, restart from step 2.
5) Rescan with the PSI
Hope this helps.
|Anthony Wells||RE: Microsoft Visual C++ 2008 Redistributable Package 9.0.21022.218 showing as 'Vulnerable' when it is not|
|12th Aug, 2010 16:31|
User Since: 19th Dec 2007
System Score: N/A
Last edited on 12th Aug, 2010 16:34
Hello Chris ,
If Emil's suggestions do not work for you , then if you click on the Microsoft Visual C++ .... link at the top right of this page , just above the heading to your thread you will find all the other threads dealing with your topic .
It may not be so simple as asking Emil to change the detection rules . You will need to browse trough to find an example which corresponds to your situation and the required response/solution (?) .
After perusal ,If you are sure it is a simple rule problem , come back here .
It always seems impossible until its done.
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.