Relating to this vendor:
And, this specific program:
Adobe Acrobat 8.x
|Sakerhet||Secunia doesn't recognize patch, part II (in full scan)|
|28th Aug, 2010 12:47|
User Since: 11th Jun, 2008
System Score: N/A
When I run a full scan Secunia recognize Acrobat.exe as version 220.127.116.11.
Windows 7 (X64) states in the file options tab the version is 18.104.22.168. But when Secunia runs a "rescan" for just that single file it is recognized as safe and the version is claimed to be 22.214.171.1248.
Whenever I do a complete rescan in Secunia Acrobat is again on the "insecure page" and recognized as version 126.96.36.199.
What is the difference between a full scan and a rescan and why does neither state the actual file version (188.8.131.52)?
|Anthony Wells||RE: Secunia doesn't recognize patch, part II (in full scan)|
|28th Aug, 2010 16:02|
User Since: 19th Dec 2007
System Score: N/A
Last edited on 28th Aug, 2010 16:05
This problem (or very similar) has occured with previous updates to Adobe Acrobat 8.x .
You may well need Secunia to update their their detection rules ; they will be back to work on the PSI on Monday next . If they do not pick up this thread at that time , you may wish to contact them direct by Email at firstname.lastname@example.org
Technically the PSI uses the .exe 184.108.40.206 file to "recognise" the programme , but the .dll 220.127.116.118 file to "recognise" the version and tell you if your are fully patched or not .
The version 18.104.22.168 of the .exe is "insecure" , as far as I know .
So , whilst waiting for Secunia and using the PSI in "advanced" , here are some points to consider :-
is there more than one version of your Acrobat showing ?? if so in which "tab(s)" do it/they appear ?? What is/are the "installation path(s))" and version number(s) ??
PS : AFAIK , the rescan just rechecks the file data as is , while the full scan resets and rechecks all data and compares it to the Secunia data base . They will probably explain ti better/correctly on Monday
It always seems impossible until its done.
|This user no longer exists||RE: Secunia doesn't recognize patch, part II (in full scan)|
|30th Aug, 2010 14:40|
When the PSI runs a full scan, occasionally information from older versions (perhaps on a backup drive) can be included in the scan, which can lead it to detect an improper version number. The local rescan only scans the current directory. The PSI does not always take the version information directly from the main executable, but instead use "version dependency rules", where we take the information we need from a secondary file, in this case (as Anthony correctly remarked), the file "Acrobat.dll".
This issue is a known bug, and a fix is being considered for future versions. As a workaround, I suggest using the local rescan to pick up the relevant version information.
hope this helps.
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.