Did you update thoroughly? Secunia's software_inspector

polonus · 2006-12-08T14:33:14.000Z

Hi malware fighters,

The security of your computer is considerably enhanced when all your software have the latest versions and patches. You can check it through this online tool:
http://secunia.com/software_inspector/?task=load

polonus

FreewheelinFrank · 2006-12-08T17:32:12.000Z

This is an excellent and much needed tool! Well done Secunia and thanks Polonus for finding it. Everybody needs to know about this scan: I’m a regular updater, and it seems I have outdated versions I didn’t even know about:

http://donaldbroatch.users.btopenworld.com/secuniascan.jpg

Thanks Secunia for making the scanner cross-browser compliant: runs on Firefox with Java.

Lisandro · 2006-12-08T17:50:38.000Z

polonus post:1:

The security of your computer is considerably enhanced when all your software have the latest versions and patches. You can check it through this online tool:
http://secunia.com/software_inspector/?task=load

Many thanks Polonus… Very very useful 8)

DavidR · 2006-12-08T18:28:53.000Z

Yes nice find, but the minimum requirements stuffs me I won’t have Java on my system.

Minimum Requirements: * Windows 2000, Windows XP, or Windows 2003 * Sun Java JRE 1.5.0_06 * Internet Explorer 6.x, Opera 9.x, or Firefox 1.5.x * Latest version of Microsoft Windows Update

bob3160 · 2006-12-08T18:56:23.000Z

http://img.photobucket.com/albums/v190/bob3160/ShellFTP/Inspector.png

This shows me as up-to-date with flash and way out of date… Must be some Reg. entries.

FWF,
I noticed your Java was still not up-to-date.

Thanks Damien, nice find.

Edit:
Updated Scan

FreewheelinFrank · 2006-12-08T20:23:48.000Z

Hi Bob,

I downloaded the latest Flash and installed, but still had the warnings from Secunia: they were all ActiveX controls in C:/Windows/System32/Macromed/Flash.

Some I could delete (7.x and 8.x) but not 9.0.16.0. I noticed an uninstaller and ran that, which got rid of that file.

Now Secunia doesn’t show any warnings. It doesn’t say I have Flash at all, but Flash content plays OK.

I have Java 6 (beta) but had forgotten to uninstall 5.0 Update 9: not a security risk, but thanks for spotting that anyway.

Yes nice find, but the minimum requirements stuffs me I won't have Java on my system.

Hi David,

Like it or not you have ActiveX, and unlike ActiveX, Java is sandboxed. ActiveX won’t be sandboxed until the entire browser it runs in is sandboxed in Vista. Java really is pretty safe if you keep it up to date.

system · 2006-12-08T21:54:57.000Z

Very nice find, Polonus … thanks!

DavidR · 2006-12-08T22:16:53.000Z

FreewheelinFrank post:6:

Yes nice find, but the minimum requirements stuffs me I won't have Java on my system.

Hi David,

Like it or not you have ActiveX, and unlike ActiveX, Java is sandboxed. ActiveX won’t be sandboxed until the entire browser it runs in is sandboxed in Vista. Java really is pretty safe if you keep it up to date.

Yes I have however, it is an extremely rare occasion I use IE, if I have to use it I use an IE clone, Maxthon and activeX is off.

As you say you have to keep Java up to date and as you have shown, easy to forget to update it ;D My main concern isn’t security I haven’t come across something that requires Java, that I absolutely can’t do without. That hasn’t happened so I an’t see the need to have it, sand boxed or otherwise.

Lisandro · 2006-12-08T22:27:38.000Z

DavidR post:8:

As you say you have to keep Java up to date and as you have shown, easy to forget to update it

There is an automated update schedule feature. 8)

bob3160 · 2006-12-08T22:57:31.000Z

Thanks Frank.

There is an automated update schedule feature.

The problem with the automatic update is that it doesn't un-install the old version. >:(

FreewheelinFrank · 2006-12-08T23:01:37.000Z

There is an automated update schedule feature.

Has this ever worked for anybody? I’ve never received a notification from Sun Java that it has been or needs to be updated. ???

Lisandro · 2006-12-09T00:49:27.000Z

FreewheelinFrank post:11:

Has this ever worked for anybody? I’ve never received a notification from Sun Java that it has been or needs to be updated. ???

Yeah… I was so enthusiastic answering David, but you’re right… it never even warned me that there is a new version available :-[

bob3160 post:10:

The problem with the automatic update is that it doesn’t un-install the old version. >:(

You’re right too :-\

bob3160 · 2006-12-15T14:22:10.000Z

A week has passed, is your system still totally up-to-date ???

http://img.photobucket.com/albums/v190/bob3160/ShellFTP/SoftwareInspector12-15-06.png

FreewheelinFrank · 2006-12-30T13:07:04.000Z

Followup on the Secunia Software Inspector Release

From over 400,000 detected applications, the Software Inspector tagged over 35% as insecure versions!
For IE 6.x users, 4.12% were insecure, which is a good sign; most people probably are aware of using Windows updates to get new IE versions.

For Adobe Flash 9.x users, over 53% were running insecure versions; a testament to both the popularity of Flash-based web content, and the lack of awareness on Flash vulnerabilities.

More than one third of Firefox 1.x users (35.47%) were found to be running vulnerable versions; while Opera users were safer, with only 13.04% running vulnerable versions of Opera 9x.

Only 6.8% users were found to run insecure versions of Skype 2.x, the popular VoIP program.

http://secunia.com/blog/4/

Announcements