SecTeer VulnDetect & PatchPro Support Forum VulnDetect
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Download VulnDetect Installer
    • Login

    [Added] Spotify (Windows Store) - App-Request

    Scheduled Pinned Locked Moved Added App Requests
    windows-storeapp-request
    7 Posts 2 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • OLLI_SO Offline
      OLLI_S Community Moderator
      last edited by OLLI_S

      Name of the app:
      Spotify (Windows Store-Version)

      Developer:
      Spotify Ltd

      Website:
      https://www.spotify.com

      Download Site:
      https://www.spotify.com/download/windows/

      Version number displayed in the app:
      1.0.95.289.g342899da (Windows Store-Version)

      App-Icon: (in ICO format)

      Spotify_Icon_256x256.ico

      Notes:

      • You should display the version number 1.0.95.289

      Here the information extracted from the EXE file:

      File name and path:     C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe
      Product Name:           Spotify
      Internal Name:          Spotify
      Original Filename:      Spotify.exe
      
      File Description:       Spotify
      Company:                Spotify Ltd
      Legal Copyright:        Copyright (c) 2018, Spotify Ltd
      Legal Trademarks:       
      Comments:               
      
      File Version String:    1.0.95.289
      File Version:           1.0.95.289
      Product Version String: 1.0.95.289
      Product Version:        1.0.95.289
      
      1 Reply Last reply Reply Quote 0
      • T Offline
        Tom VulnDetect Team Member
        last edited by

        It has a vuln similar to that in Amazon Music Player, found by the same researcher.

        Spotify now added with Generic Rule. Specific Rules will follow.

        /Tom
        Download the latest SecTeer VulnDetect agent here:
        https://vulndetect.com/dl/secteerSetup.exe

        1 Reply Last reply Reply Quote 0
        • OLLI_SO Offline
          OLLI_S Community Moderator
          last edited by OLLI_S

          @Tom Spottify is now shown.
          Do you want to add the text "(Windows Store)" behind the name or a label "Windows Store" behind the name?
          In my opinion labels should also be shown behind the name and the version number (depending on the label).

          1 Reply Last reply Reply Quote 0
          • T Offline
            Tom VulnDetect Team Member
            last edited by

            The Rule we created matches both the regular desktop app and the Windows Store app. And just like Paint .Net it seems to follow the same versions, so no need for a distinction.

            /Tom
            Download the latest SecTeer VulnDetect agent here:
            https://vulndetect.com/dl/secteerSetup.exe

            1 Reply Last reply Reply Quote 0
            • OLLI_SO Offline
              OLLI_S Community Moderator
              last edited by

              It is important that you Mark Windows 10 Store Apps in the List of Apps because these apps can only be updated via the Windows Store.

              T 1 Reply Last reply Reply Quote 0
              • T Offline
                Tom VulnDetect Team Member @OLLI_S
                last edited by

                @OLLI_S I agree.

                But we want to make something generic, that allows us to make that distinction globally, rather than making odd exceptions in the Rules. So right now we will avoid apps that only exist Windows Store and focus on regular desktop apps.

                And then it is just a bonus that Spotify and Paint .Net are matched by the same Rules regardless of how you installed it.

                /Tom
                Download the latest SecTeer VulnDetect agent here:
                https://vulndetect.com/dl/secteerSetup.exe

                1 Reply Last reply Reply Quote 0
                • OLLI_SO Offline
                  OLLI_S Community Moderator
                  last edited by OLLI_S

                  Currently I have 3 apps in VulnDetect that are downloaded from the Windows Store:

                  • paint.net
                  • Spotify
                  • TreeSize Free

                  As we have the common suggestion Mark Windows 10 Store Apps in the List of Apps we can mark this issue as solved.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

                  Please see our Privacy and Data Processing Policy
                  Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
                  Forum software by NodeBB