Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Still a threat after patches applied

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as resolved.
tyler4402 Still a threat after patches applied
Member 21st Sep, 2010 23:28
Ranking: 0
Posts: 17
User Since: 2nd Sep, 2009
System Score: N/A
Location: UK
Last edited on 21st Sep, 2010 23:29

Hi all
I hope I am in the right area for my problem.

Can anyone explain? After a Secunia scan 6 programs were highlighted as a possible threat, one being my Avast anti virus program????
I went through the process of scanning and clicking the solution, and then applying the patches to all the highlighted programs and again re scanned.
Unfortunately after repeating the process another 5 times the same 6 programs are still being highlighted.
Can anybody explain what has gone wrong?
Regards Robert.

Post "RE: Still a threat after patches applied" has been selected as an answer.
mogs RE: Still a threat after patches applied
Expert Contributor 21st Sep, 2010 23:56
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hello.
As a generality, when progs are updated they often leave older files/versions behind. These, psi continues to detect even if still in the recycle bin.
Alongside an entry you will see a + sign....click on it to reveal the file path. If uncertain how to proceed, post that info back to the forum. It is also often helpful to provide details of OS, browser, and the version of psi you are using..( if you include that in your signature box [see My Profile on the left]; it will save you repeating each time you post.
Here are a couple of links which you may find worth bookmarking :-
http://secunia.com/vulnerability_scanning/personal... FAQ's
http://secunia.com/vulnerability_scanning/personal...
HOW IT WORKS
Hope this helps.........regards,


--
Was this reply relevant?
+2
-0
Maurice Joyce RE: Still a threat after patches applied
Handling Contributor 21st Sep, 2010 23:58
Score: 11626
Posts: 8,915
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Robert,

What are the paths to the vulnerabilities still showing?

FINDING A FILE PATH - ALL PSI VERSIONS EXCEPT VERSION 2 (BETA)

To locate the exact file that the Secunia PSI has detected, use or switch to the ADVANCED interface, then :

1 Click on the + sign of the programme to "expand' it.
2 Click on Technical Details in the Toolbox to see the installation path of the detected file. (Copy (CTRL+C) & paste (CTRL+V) the Installation Path of the file back to the Forum if U are unsure what to do next.

PSI VERSION 2 (BETA)

From the DASHBOARD page click on RESULTS.

1. This will show U the file that is vulnerable.
2. Click the + sign next to the file.
3. This will reveal the path.
4. Highlight it then copy (CTRL+C) & then paste (CTRL+V) that path back to the Forum if U do not know what to do next.


Update 4 20:22 03/09/2010

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+2
-0
tyler4402 RE: Still a threat after patches applied
Member 22nd Sep, 2010 14:39
Score: 0
Posts: 17
User Since: 2nd Sep 2009
System Score: N/A
Location: UK
XP-Pro SP3 > 2.8 Gh Intell Celeron > 1536 Mb Installed Memory > 250Gb HDD > 80Gb Storage drive with XP Pro loaded > Outlook Express > IE8 > Secunia Version 1.5.0.2

Many thanks to you both for your help and prompt replies, I know we silver surfers are a pain but with your help we get there in the end :-)
I have followed your instructions as far as I can, having opened the Advanced page and clicked the + by the 1st programme highlighted, which was "Adobe Air"
I am having prob's with the new version of my Comodo firewall and it won't let me copy and paste, so I have typed the string (here) E:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll

Was I meant to use the Solution wizard Icon (which I did) and downloaded the patch again? After which I got a message saying " this program is already on your computer"

PS, I think the prob might be solved, as I was typing out the Adobe AIR string, I noticed that it began with E:\\ Programme Files, and not C:\\, I do have another HDD installed with an Operating System that I had used until recently, with folders and programme files still intact, it would seem that Secunia has also been reading the slave drive E:\\.
When I isolated the E:\ drive and re-scanned all the programmes showed as patched.
Regards Robert.
Was this reply relevant?
+0
-0
Maurice Joyce RE: Still a threat after patches applied
Handling Contributor 22nd Sep, 2010 15:13
Score: 11626
Posts: 8,915
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 22nd Sep, 2010 15:14
That is correct. This action will eliminate any further "false positives".

CREATING A GLOBAL IGNORE RULE - ALL PSI VERSIONS EXCEPT VERSION 2 (BETA)



1.Click on the SETTINGS tab>scroll to the bottom & click on CREATE IGNORE RULE

2.In the RULE NAME BOX insert the Drive detail - My Backup Drive for example.

3.In the RULE BOX type E:\. If it is the i386 folder use this - C:\windows\i386

4.Click SAVE IGNORE RULE>CLOSE

5.Carry out a full PSI rescan & all should be in order.

All hard drives will continue to be scanned by default but the result from the drives ignored will not be published.


Update 5 16:45 02/09/2010

If all your problems are now resolved could U please lock (Accept) the thread. This will prevent us both from receiving update emails from "tag on" posts.















--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+3
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability