|Beercow||Threat Rating issue|
|9th Feb, 2011 04:08|
User Since: 26th Sep, 2010
System Score: 100%
I noticed the other day that the threat rating for EI8 in the scan results comes up with nothing. In the secure browsing tab, it comes up as unpatched, no vendor solution. I currently have 197 programs and they all show up as patched with no threat rating in the scan results. PSI 1 showed more of these programs with vulnerabilities. Something doesn't seem right here to me. Anyone else have this problem, if it is a problem?
Windows 7 Professional SP1 64bit
Amd Athlon IIx4 630 Quad-core
|mogs||RE: Threat Rating issue|
|9th Feb, 2011 07:34|
User Since: 22nd Apr 2009
System Score: 100%
Here's a recent official explanation of the program count :-
The mechanism for scanning has not changed radically, and the PSI still detects every program it did before (If anything, it detects more programs). However, a few of the specific changes in the 2.0 could make it appear that some programs have disappeared.
One is that the PSI now tries to group several detections of the same program as one entry, and only counts it as one. This mean that if you, for example, have 5 installations of Google Chrome 5.x, only 1 will be counted and shown in the statistics. This is to avoid the confusion caused by "Zombie Files" (Upgrade leftovers), which was a common issue with older versions.
You can still see every detected instance by expanding the program entry under "Results". If you double-click the entry, a list with the appropriate statuses for each program.
Another is that the PSI now by default only scans the root drive (Which is usually C:), and the drive containing "Program Files" (Usually also C:). To scan other drives, you can go to the Settings tab and choose which drives you wish to scan under "Drives", simply by setting a checkbox next to the appropriate drive.
Emil R. Petersen
Secunia PSI Support
The issue with IE8 is long standing....I too have version 8.0.6001.19019 showing as Patched and then again as Not Secure for browsing.....Unpatched no vendor Solution SA24314...in the Secure Browsing section.
In other words....you've patched/done all you can..so it's shown in Patched....but it is still vulnerable...so it's shown as it is in Secure Browsing.
Hope the foregoing helps....regards,
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.