Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Google Chrome 8.0.552.215

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Google
And, this specific program:
Google Chrome 8.x

This thread has been marked as locked.
M B Rasmussen Google Chrome 8.0.552.215
Member 15th Dec, 2010 21:24
Ranking: 0
Posts: 2
User Since: 3rd May, 2010
System Score: N/A
Location: CA
Is Google Chrome v.8.0.552.215(x86) needed after new v.8.0.552.224 is downloaded to make chrome secure following PSI warning?
Have followed the suggested PSI download path to make is secure but program still unsafe after new PSI scanning and reboot.

Anthony Wells RE: Google Chrome 8.0.552.215
Expert Contributor 15th Dec, 2010 22:01
Score: 2437
Posts: 3,324
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 15th Dec, 2010 22:03
Hi ,

Chrome leaves the previous version file when you update or when there is a silent update .

You do not need the old file unless you have a specific use for it .

If the old file is for an"insecure" version , then deleting it will ensure the bad guys cannot get at it .

Navigate to the old folder using Explorer or

use the "open foilder" icon in the PSI "toolbox" in versions 1.5.x - click the [+] to the left of the the programme entry to expand the display or

use the (right hand of two) "open folder" icon before the detected instance in the PSI Beta - again click the [+] on the lhs of the programme .

The path to the folder should be something like :-

C:\Documents and Settings\User Name\Local Settings\Application Data\Google\Chrome\Application\"old"version number

Right click and delete the "old" version folder (only).

Take care

Anthony



--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+3
-0
jonrichco RE: Google Chrome 8.0.552.215
Member 17th Dec, 2010 17:06
Score: 0
Posts: 22
User Since: 27th Nov 2008
System Score: N/A
Location: AU
Good advice Anthony - you do need to delete the 215 folder.

However, I am a bit cranky with Chrome (which doesn't indicate that an update is available (by putting an orange circle next to the wrench) and with PSI to a small degree, for indicating that an update is needed when Chrome itself does not identify it.
Was this reply relevant?
+0
-0
Anthony Wells RE: Google Chrome 8.0.552.215
Expert Contributor 17th Dec, 2010 17:47
Score: 2437
Posts: 3,324
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi jonricho ,

As far as I can understand from other blogs and fora , the old file version .dll files are mean't to be deactivated when Chrome is updated ; anyway , myself , I prefer to be extra sure as deleting the old/insecure file becomes a habit after a while .

I have silent/auto updates set for my Chrome Dev Channel version as they are so frequent and I check spanner/about pretty regularly ; I seem to remember a message at one time telling me to restart for an update to install , but as you say no "orange blob" .

Not sure I understand your last point re the PSI ; it will only report and display to you any "security" updates available for the Stable version of a programme*** and does not display when eye candy or bug fix updates are available . Alpha , Beta and RC's are not monitored by the PSI , with the exception of itself . Non-stable versions of Chrome browser and Chrome Frame are displayed by the PSI as/under Google gears .

***In fact , the PSI/OSI usually only reacts to the publication of a Secunia Advisory and quite often Google Chrome will offer a browser update a few days before the actual vulnerabilities are made "public" .

Anthony


--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+2
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability