navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Google Chrome all users installation problem

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Google
And, this specific program:
Google Chrome 12.x

This thread has been marked as locked.
mbarley42 Google Chrome all users installation problem
Member 17th Jun, 2011 10:10
Ranking: -4
Posts: 40
User Since: 17th Jun, 2011
System Score: N/A
Location: HR
Last edited on 17th Jun, 2011 10:11

I have a problem in student lab, where different accounts install Google Chrome for single user, all different versions.

The recommendation was to install Google Chrome for all users as from bulk of applications (Google Earth, Google Docs etc.)

However, when I do install Google Chrome installs old version (End-of-life 11), and then updates to version 12, but leaves v11 files in a subfolder. Is it safe to erase this? I know exactly the folder, for it is named after version, but it seems awkward to erase it for I might lose warrant for application or clean uninstall from Add/Remove programs.

Any idea?

Marvin


--
Be the change you wish to see in the world.
Mahathma Gandhi

Maurice Joyce RE: Google Chrome all users installation problem
Handling Contributor 17th Jun, 2011 10:16
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
This problem is well documented here:

http://secunia.com/community/forum/all_threads/?fo...

As U will note it is perfectly safe & proper to remove the old version 11 folder.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-0
mbarley42 RE: Google Chrome all users installation problem
Member 17th Jun, 2011 11:17
Score: -4
Posts: 40
User Since: 17th Jun 2011
System Score: N/A
Location: HR
It works, but they told me I do not know how do administration, so I wonder if there is a better way or just leave it dangling since it is not run, so there is no security risk, except if someone goes manually into v11 folder.

Thanks anyway.

Marv


--
Be the change you wish to see in the world.
Mahathma Gandhi
Was this reply relevant?
+0
-0
Anthony Wells RE: Google Chrome all users installation problem
Expert Contributor 17th Jun, 2011 15:19
Score: 2454
Posts: 3,345
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hello Marv ,

If you do not know enough about Admin , best to get a prof or someone to help you .

According to Google , the previous/old version folder and .dlls left behind are technically not exploitable . Having an old version is unusual but also can happen with other software . If there is no security problem the PSI will display the "older" version as a zombie file , if it is insecure or "End of Life" , the PSI will display it at the top of the scan results page display .

Removing the "old" files is quite safe and the folder is clearly titled/numbered as you say , but it is an Admin job and you should need Admin rights to do it .

Hope that helps .

Take care

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0

pompapah

RE: Google Chrome all users installation problem
[+]
This reply has been deleted
mbarley42 RE: Google Chrome all users installation problem
Member 17th Jun, 2011 20:12
Score: -4
Posts: 40
User Since: 17th Jun 2011
System Score: N/A
Location: HR
Hi, Anthony,

Thank you very much. We spoke before when I was mtodorov69, but I couldn't recover password.

Hearing it from two experts makes me confident about safe deleting of zombie Google files.

I just wish there was some way clumsy home users could use when I am not overseeing them. But probably PSI is black sorcery or science fiction for artists and graphic people. :-)

It would be for the best if Google and Adobe did the right thing in the first place, quite unlike ghost versions and old non-modular flash installations in Adobe CS# packages we find.

Marv


--
Be the change you wish to see in the world.
Mahathma Gandhi
Was this reply relevant?
+0
-0
Anthony Wells RE: Google Chrome all users installation problem
Expert Contributor 18th Jun, 2011 13:00
Score: 2454
Posts: 3,345
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hello again Marv ,

If you are happy with your new Forum "moniker" , I would forget about the old one - recovering passwords can be more trouble than than it is worth .

The security "experts" report that the Chrome "silent update" is a great bonus by getting people to use an/the up to date version of the browser ; this is especially helpful now that it has it's own embedded Adobe Flash plug-in , usually updating it's Flash a day or so earlier than than the ActiveX and NPAPI updates becoming available .

The trade off being their deliberately leaving the "zombie" behind ; if you cannot get the clumsy artists to use the PSI's open folder facility (as in , click the [+] to the lhs of any programme/zombie individual entry and click the yellow(ish) without the red blob "open folder" icon) where the folder is already highlighted for deletion **** then you could just ignore it until they allow you some Admin interference :)) Like you say , it not a real security risk .

**** although it is the case with Chrome old versions , a highlighted folder may not always be the item needing deletion , so take care to properly identify the culprit file and/or folder .

Take care

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+2
-0
mbarley42 RE: Google Chrome all users installation problem
Member 20th Jun, 2011 20:03
Score: -4
Posts: 40
User Since: 17th Jun 2011
System Score: N/A
Location: HR
on 18th Jun, 2011 13:00, Anthony Wells wrote:
Hello again Marv ,

If you are happy with your new Forum "moniker" , I would forget about the old one - recovering passwords can be more trouble than than it is worth .

The security "experts" report that the Chrome "silent update" is a great bonus by getting people to use an/the up to date version of the browser ; this is especially helpful now that it has it's own embedded Adobe Flash plug-in , usually updating it's Flash a day or so earlier than than the ActiveX and NPAPI updates becoming available .

The trade off being their deliberately leaving the "zombie" behind ; if you cannot get the clumsy artists to use the PSI's open folder facility (as in , click the [+] to the lhs of any programme/zombie individual entry and click the yellow(ish) without the red blob "open folder" icon) where the folder is already highlighted for deletion **** then you could just ignore it until they allow you some Admin interference :)) Like you say , it not a real security risk .

**** although it is the case with Chrome old versions , a highlighted folder may not always be the item needing deletion , so take care to properly identify the culprit file and/or folder .

Take care

Anthony


Hello Anthony,

This moniker reference reminds me of Aeon Flux movie :-)

Indeed, this "silent update" is a good thing, but if users do not log on often, there is an awful lot of bulging zombie and old version Chromes that confuse PSI. I know that from lab computer. In the end, it chokes C: disk, and you need to acquire all passwords of all users to log on as that user and uninstall, or there will be registry residue, that is, broken registry.

In the end, new version could have easily deleted old version upon next restart, if the idea is to do it without confusing user.

Rgds,
Marv


--
Be the change you wish to see in the world.
Mahathma Gandhi
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+