Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: insecure items on secunia

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as locked.
granny76 insecure items on secunia
Member 8th Oct, 2010 03:04
Ranking: 0
Posts: 1
User Since: 7th Aug, 2010
System Score: N/A
Location: N/A
secunia says i have two insecure items of microsoft 3 framework??

TiMow RE: insecure items on secunia
Dedicated Contributor 8th Oct, 2010 07:48
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
This has been a problem for some users over the last week.
Some instances have simply required a re-boot and full PSI scan after updating, for the reported insecurity to be removed from PSI.

If you have already run Microsoft Update, and it reports no high-priority updates, then I would try the above in the first instance.

If this doesn't change anything, then post back, with more details as to your Windows OS, PSI version no. and full version numbers and file location of the insecure .Net Framework (see Tech Details - found by clicking "[+]" on l.h.s. of listing in Insecure tab of PSI Advanced (PSI 1.5.0.2 or earlier)).

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+1
-0
steven_e007 RE: insecure items on secunia
Member 8th Oct, 2010 09:13
Score: 0
Posts: 5
User Since: 22nd Jun 2010
System Score: N/A
Location: N/A
Hi,

I have exactly the same problem.

Visited Microsoft - nothing to download for .Net 1.x or .NET 3.x.

Rebooted, ran full scan in advanced, still says Microsoft .NET 1.x and 3.x are insecure.

These are the versions and locations:


Microsoft .NET Framework 1.x 1.1.4322.2470

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspne t_wp.exe

Microsoft .NET Framework 3.x 3.0.4506.2152

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_wp.exe

PSI v 1.5.0.2
Windows XP home SP3

Any ideas?
Thanks.


Was this reply relevant?
+0
-0
TiMow RE: insecure items on secunia
Dedicated Contributor 8th Oct, 2010 10:01
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Last edited on 8th Oct, 2010 10:06
Hi Steven

The versions for .Net 1.1.x and .Net 3.0.x you have listed above, are the same versions that I have listed under my patched tab as current and up-to-date (on XP Pro).

There is no explanation (that I can think of) why you have them listed as insecure.

Often with M$ updates, the advice is that sometimes that more than one re-boot is required for correct and complete installation - but if PSI is reporting these versions, this suggests that they are properly installed.

The file location for .Net 3.x, you have posted, is different to mine, though (.Net 1.1.x is the same)- I don't know if this is effecting the issue. I have the following:

C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

I would suggest trying another re-boot and full PSI re-scan.

Other users have also reported that running the downloadable CCleaner program has resolved this issue (I don't have it installed, so can't comment on it's use - but it is recommended by many users).

http://www.filehippo.com/download_ccleaner/

Failing all else, someone else may be able to offer alternative advice.

If your problem is not quickly resolved, I would recommend that you start your own thread, as it may well differ from that of the original poster.

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
steven_e007 RE: insecure items on secunia
Member 8th Oct, 2010 10:31
Score: 0
Posts: 5
User Since: 22nd Jun 2010
System Score: N/A
Location: N/A
A quick update, after a reboot, it now says I have 5 insecure instances of .NET!

1.x errors twice
plus 2,3 and 4 also report as insecure (only about 30 minutes after an upgrade from Microsoft).

I'll sit and lurk for advice for a while - I chimed in here as it looked like a common problem, but I'll start my own thread if I need to post again,

Thanks,

Steve

PS. I am on the home edition, 2002, service pack 3
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer