navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Unknown Publisher Security Warning

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as resolved.
jpohedra Unknown Publisher Security Warning
Member 22nd Aug, 2010 22:49
Ranking: 1
Posts: 5
User Since: 22nd Aug, 2010
System Score: N/A
Location: US
When I go to run the saved PSIsetup.exe file for version 1.5.0.2 from its downloaded location, I get a Security Warning box that says "The Publisher could not be verified...This file does not have a valid digital signature that verifies its publisher..."
So what's up with that? Is this "normal" for the Secunia PSI download installation on Windows XP?
Thanks!

Post "RE: Unknown Publisher Security Warning" has been selected as an answer.
mogs RE: Unknown Publisher Security Warning
Expert Contributor 22nd Aug, 2010 23:15
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hello.
Have you/are you sure you've configured your IE8 (?) settings for Secunia to run ?
Please have a read thro' the FAQ's here, which might be helpful...if you havn't already.
http://secunia.com/vulnerability_scanning/personal...

--
Was this reply relevant?
+2
-0
jpohedra RE: Unknown Publisher Security Warning
Member 23rd Aug, 2010 02:01
Score: 1
Posts: 5
User Since: 22nd Aug 2010
System Score: N/A
Location: US
I checked around a little further. It seems that this warning is "normal" if you try to run an installation executable that does not have a digital signature. I see that other vendors mention this on their pages explaining installation of their programs. For example: http://help.artaro.eu/index.php/general-security/p...
I think Secunia should mention this somewhere if that is what happens during installation of PSI.
Was this reply relevant?
+0
-0
mogs RE: Unknown Publisher Security Warning
Expert Contributor 23rd Aug, 2010 07:51
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hello.
In about 16 months of working on the forum, I don't think I've come across your problem with regard to Secunia.
Are you downloading the official version from here ?:-
http://secunia.com/vulnerability_scanning/personal LATEST VERSION
When /if you reply next, could you please include more details/info with regard to your OS /Browser etc ., which might help someone to help you ?
I'm off to work presently....Secunia will be in the office soon....any additional info may be picked up by them too.
Regards

--
Was this reply relevant?
+0
-0
This user no longer exists RE: Unknown Publisher Security Warning
Member 23rd Aug, 2010 09:22
Last edited on 23rd Aug, 2010 09:22 Hi,

All Secunia PSI executables are signed before release.
I suggest you do not run or make use of this executable, until you can successfully verify the signature.
In your situtation, the best course of action would be to delete the installer you have already downloaded, clear your temporary installation files, and re-download the PSI installer.

hope this helps.
Was this reply relevant?
+0
-0
jpohedra RE: Unknown Publisher Security Warning
Member 25th Aug, 2010 15:05
Score: 1
Posts: 5
User Since: 22nd Aug 2010
System Score: N/A
Location: US
Last edited on 25th Aug, 2010 15:11
Thanks, gentlemen. I had been using Secunia PSI version 1.5.0.0 since last October. I uninstalled it prior to downloading PSISetup.exe for version 1.5.0.2. As you just suggested, I deleted the PSISetup.exe file for version 1.5.0.2 that I recently downloaded. I then tried to re-install version 1.5.0.0 using the PSISetup.exe file that I downloaded last October. I get the same Unknown Publisher Security Warning. Since I had installed this version last October, I assume that I must have ignored the Unknown Publisher warning that I must have gotten then. I'm just a little more cautious about such things these days.
I then downloaded a fresh copy of PSISetup.exe for version 1.5.0.2 from the http://secunia.com/vulnerability_scanning/personal... page. I get the same Unknown Publisher warning whether I choose "Run" in the download window, or whether I first "Save" the file and attempt to run it from the saved location. I'm beginning to think that this is "OK", but I would appreciate any comments or corroboration from other users before I run this PSISetup.exe file.
If possible, I would be glad to send the file back to you for verification.
Was this reply relevant?
+0
-0
olaola RE: Unknown Publisher Security Warning
Member 25th Aug, 2010 15:31
Score: 1
Posts: 1
User Since: 25th Aug 2010
System Score: N/A
Location: N/A
I received the same security warning as you when trying to download the update. This happened several times until I created a profile. After that I didn't get the warning anymore and was able to update normally.
Was this reply relevant?
+1
-0
This user no longer exists RE: Unknown Publisher Security Warning
Member 25th Aug, 2010 15:52
Hi,

Those experiencing this issue, please right-click the PSISetup.exe file you downloaded, and select the "Digital Signatures".
This should list only one signer, Secunia. If you click "View Certificate", you should be able to see information about the Secunia Certificate. The proper certificate is Isssued by "VerySign CLass 3 Code Signing 2009-2 CA" and should have be valid from 5/28/2010 to 5/28/2013.

On the "View Certificate" screen, the tab Certification Path should Show Secunia < VeriSign Class 3 Code Signing 2009-2 CA < VeriSign Class 3 Public Primary CA.

hope this helps.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+