Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: VLC media player update does not show

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
VideoLAN
And, this specific program:
VLC media player 1.x

This thread has been marked as locked.
lvd VLC media player update does not show
Member 13th Aug, 2010 23:18
Ranking: 2
Posts: 5
User Since: 8th Mar, 2010
System Score: 96%
Location: DE
Hi,

I'm using PSI 1.5.0.2 and I noticed that although VLC media player 1.1.2 is available for about two weeks now, PSI does not notify me about this.

It detects the current VLC media player version 1.1.0 I have installed correctly and the 1.1.2 has admittedly no security updates but I wonder, is this behavior intentionally?

Does PSI only notify me about updates that solve security risks?

And if so, would PSI 1.9 TP behave otherwise? Would it update as soon as it finds an update?

ddmarshall RE: VLC media player update does not show
Dedicated Contributor 13th Aug, 2010 23:33
Score: 1205
Posts: 957
User Since: 8th Nov 2008
System Score: 98%
Location: UK
Yes. PSI only notifies you about security updates. PSI scans for vulnerable and out of date programs.
See
http://secunia.com/vulnerability_scanning/personal...

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+1
-0
lvd RE: VLC media player update does not show
Member 14th Aug, 2010 00:09
Score: 2
Posts: 5
User Since: 8th Mar 2010
System Score: 96%
Location: DE
Ah, thank you. I just read something similar in the FAQ. Makes sense, it's about security not features.

However, I have read that some vendors don't disclose all the bugs and fixes that are included in a patch or update. That some silently patch vulnerabilities they found via intern analysis without ever making them public. Does anybody now if that is actually true or feasible?

One other thing; I patched VLC now manually and found that PSI still reports VLC media player 1.1.0, even though the player itself says under help->about it is 1.1.2. After some confusion I checked the metadata for vlc.exe manually via file properties and saw that the VLC team made a little mistake. The metadata for 1.1.2 vlc.exe actually says it's 1.1.0 and hence PSI reports it wrong too.
Was this reply relevant?
+0
-0
This user no longer exists RE: VLC media player update does not show
Member 16th Aug, 2010 10:02
Last edited on 16th Aug, 2010 12:00 Hi,

Our rules should have been corrected. Please try scanning again.

Hope this helps.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability