Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Inappropriate Security Threat Notification

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as locked.
kxbzzz Inappropriate Security Threat Notification
Member 18th Dec, 2010 14:50
Ranking: 0
Posts: 1
User Since: 3rd Apr, 2010
System Score: N/A
Location: N/A
Secunia PSI reports that the Microsoft update shown at the bottom of this post presents a security threat. Secunia PSI message is:

Insecure Programs [?] Version Detected [?] Threat Rating [?] Direct [?]

Microsoft Visual C++ 2005 Redistributable Package (x86) (64-bit) 8.0.50727.762
Microsoft Visual C++ 2005 Redistributable Package (x86) (64-bit)

This installation of Microsoft Visual C++ 2005 Redistributable Package (x86) (64-bit) is insecure and potentially exposes your system to security threats!

Secunia strongly recommends that you update this program by installing the update that is provided by the vendor of this program.
Installation Path
C:\Program Files\Common Files\Microsoft Shared\VC\msdia80.dll

Three attempts to install the Microsoft update resulted in the following message from "Microsoft":

"This installation package is not supported by this processor type. Contact your product vendor."

I am going to have Secunia PSI ignore this security threat in the future. However, Secunia PSI may wish to isolate this particular update in its future notifications to Users.



smurphdude RE: Inappropriate Security Threat Notification
Contributor 18th Dec, 2010 17:03
Score: 107
Posts: 40
User Since: 13th Aug 2010
System Score: 100%
Location: UK
The Microsoft page http://www.microsoft.com/downloads/en/details.aspx... has three different downloads for different processor types. Are you downloading the correct one for your machine?
Was this reply relevant?
+4
-0
Anthony Wells RE: Inappropriate Security Threat Notification
Expert Contributor 18th Dec, 2010 21:06
Score: 2428
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 18th Dec, 2010 21:09
A similar problem (seemingly 32 bit) is already being discussed in this thread , where C++ version ...762 is correctly shown as out of date and required a delete and reinstall ; even if the reasons seem obscured in history :-

http://secunia.com/community/forum/thread/show/676...

Perhaps it will help you .

Take care

Anthony



--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0
kxbzz RE: Inappropriate Security Threat Notification
Member 18th Dec, 2010 21:36
Score: 0
Posts: 1
User Since: 12th Sep 2010
System Score: N/A
Location: N/A
Thanks Anthony -

I'll mull this over.

kxbzz
Was this reply relevant?
+0
-0
Anthony Wells RE: Inappropriate Security Threat Notification
Expert Contributor 18th Dec, 2010 21:51
Score: 2428
Posts: 3,317
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

If you decide to use the M$ download site suggested by both "smurphdude" and "ddm" , you need to know/be clear whether you need the first link for an Itanium64 bit , the second link for a 64bit or the third link for a 32bit system in order for your machine to accept the correct patch .

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0
This user no longer exists RE: Inappropriate Security Threat Notification
Member 20th Dec, 2010 14:14
Hi,

I have been unable to reproduce this issue. We offer 2 downloads for this product, one for x84 (32-bit), and one for x64 versions of windows.

These are the links in question:
http://download.microsoft.com/download/6/B/B/6BB66...
http://download.microsoft.com/download/6/B/B/6BB66...

Try installing the latest stable release of the PSI (Version 2.0), running a full rescan, and downloading again. Do you still get the vcredist_x86.exe for a 64-bit system/vice versa?

hope this helps.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability