Show Reason for Unsafe Status
-
Report on programs with security vulnerabilities for which a patch is not yet available (zero-days). This should be categorized separately from other things (patches available or bugfix/feature updates).
Suggested by @CTaylor
-
This will affect many applications, including applications that were already patched but for which no info about the fixed vulnerabilities is available.
So this would definitely help the user.
-
May I suggest having a forum on how to safely remove unsafe versions that were left behind?
For instance, I have many unsafe 7-Zip versions left in InstallShield data, which are probably left by installations that do not clean up correctly. I am almost sure these 7-Zip executables can be deleted without harm, but discussing this subject could help myself and others (and help make VulnDetect known by having these solutions referenced by search engines).
-
@gregalexandre If this makes too much noise in the Detection Issues and Suggestions category, then we will consider making a new category for such issues. But for now, feel free to discuss this in Detection Issues.
-
@tom Thanks. I will ask about the NVIDIA downloader, which left an unsafe 7-Zip behind.
-
@gregalexandre Yes, this is due to the way we detect programs. One of the upcoming features of our rules will be the ability to "group" based on what program it was bundled with. 7-Zip is bundled with a lot of different apps, including certain Nvidia packages, so in the future you should only see Nvidia, and then when you expand Nvidia, you will see that it also includes 7-Zip (which can't be updated). But again, that is part of the many things we are still working on, so please be patient.
-
In the list of applications there are many entries that are marked as unsafe although they are up-to-date.
So I really don't know why they are marked as unsafe (I can just imagine that there are some unpatched vulnerabilities). Please write the reason why an application is unsafe, so I know if there is a new version available or if I have to kick some butt and tell the developers of the app to release a patch for the unsafe version.
-
@olli_s Yes, I agree. Currently we do track this in the rules, but the UI hasn't been updated to utilize this.
During the past two months we have changed the structure of the rules a bit. This is actually a huge improvement, but it also requires a bigger change in both the UI and the processing engine before we can display this properly.
I can't give an ETA at the moment for this change to be reflected in the UI.
Rest assured, we will have detailed tracking of the reason for "Unsafe".
-
I am glad that you plan this feature because users won't understand why an application is Unsafe although it is up-to-date.
-
VulnDetect supports this, kind of.
Some Rules have been updated and do show a "Recommended" version, even if the version you have isn't flagged as insecure or EoL.
Right now we use the word "Recommended" in both cases.
This will be changed, so that Insecure and EoL trigger "Recommended".
And an installed version that differs from the latest known version from the vendor will say "Suggested".
When you see that the version we "Suggest" or "Recommend" is older than or different from the one you just installed or updated to, then you are most welcome to send us a chat message, write a short message here on the forum, or simply wait a day.
We are (in most cases) "alerted" automatically when you have a newer version, and it ends up on our automatic "to do list". Normally, these new or unknown versions are updated / added within a day, but feel free to ping us if you are impatient to have a Rule updated.
-