Relating to this vendor:
And, this specific program:
Adobe Acrobat 8.x
|Sakerhet||Secunia doesn't recognize patch, part II continued|
|30th Aug, 2010 23:36|
User Since: 11th Jun, 2008
System Score: N/A
First of all, I feel embarrassed to admit I was not able to point at the reply button in my last thread.
Instead I locked the tread (this time for once I would have loved a second chance question "Are you sureÖ")!
This is what I would have replied if I had done it right:
Thank you Anthony (you are really fast with your answers) and Emil!
You are both pointing out the possibility that there is more than one copy of Acrobat.exe. So I just checked once more to be sure. It is the same installation path to the file for both the full scan and the rescan. But the full scan seems to think itís the old 220.127.116.11 version.
I can agree that there are some advantages by using version dependency rules so that users are not confused when they read the patched programs report. You prefer showing the "logical" version for the program.
But then again, when this bug occurs, when the full scan and the rescan are not consistent, and you read those weird version numbers you really get confused.
I hope that you will find a solution to the issue, it doesnít seem impossible to fix. On the other hand Acrobat 8 is old and the number of users will drop when they upgrade to those fancy new versions released.
Thank you again for your prompt answers, Anthony and Emil!
|This user no longer exists||RE: Secunia doesn't recognize patch, part II continued|
|31st Aug, 2010 08:49|
If you need a thread unlocked, just drop us an email at firstname.lastname@example.org, and we'll get right on unlocking it. ;)
It is not necessarily Acrobat.exe that exists more than once (if that was the case, it would be detected twice), but could be Acrobat.dll. A copy of Acrobat.dll in a backup folder (or similar) could cause the PSI to get it's version information from that file.
We don't use version dependency rules merely to provide the logical version number. In fact, Adobe usually fails to update the version numbers on the main executables, so it's usually a race to find the one file where the information was actually updated. It is certaintly not impossible to fix, and in fact, I would suggest keeping a close eye on the forum the next couple of days.
hope this helps.
|Anthony Wells||RE: Secunia doesn't recognize patch, part II continued|
|31st Aug, 2010 18:43|
User Since: 19th Dec 2007
System Score: N/A
Last edited on 31st Aug, 2010 18:50
|Hello again Sakerhet :)
In your first thread you said this :-
""""When I run a full scan Secunia recognize Acrobat.exe as version 18.104.22.168.
Windows 7 (X64) states in the file options tab the version is 22.214.171.124. But when Secunia runs a "rescan" for just that single file it is recognized as safe and the version is claimed to be 126.96.36.1998. """"
It still seems strange that Secunia is showing the 188.8.131.52 version (correctly) in the insecure tab and not the 184.108.40.206 .exe file which should match the 220.127.116.118 .dll file .
Just to confirm that you only have one instance of Acrobat in a full scan by the PSI in the "insecure" tab and nothing displayed in the "patched" tab ??
Did you update 8.1.7.xx to 8.2 3.xx and then patch to 8.2.4.xx ??
Can you find the 8.1.7.xx .exe file in the same folder where you found/moused/optioned the 8.2.3.xx .exe file ??
What is the "installation path" ?? Does it lead to the same folder and file if you use the "open folder" icon in the "toolbox" of the programme expanded page from within the "insecure" tab ??
It always seems impossible until its done.
|Sakerhet||RE: Secunia doesn't recognize patch, part II continued|
|31st Aug, 2010 23:16|
User Since: 11th Jun 2008
System Score: N/A
Thank you for your efforts to help.
There is only one instance of Acrobat and itís in the insecure tab after a full scan and then it moves to the patched tab after I run a re-scan. The path is the same. I can see no renamed version of acrobat dll/exe in the folder.
I guess Emil has something going on to clear the issue. It may be a flaw in Secunia or if there really is an old file hidden somewhere it would be a useful improvement if Secunia could log or show the path to and exact filename where the problem is found.
For now I am not too much worried that this is a security problem in my system. I will follow Emil suggestion and keep a close eye on the forum the next couple of days.
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.