[Solved] GeForce Experience - Wrong Version detected after Update to 3.14.1.48
-
Today I installed on my PC an update for GeForce Experience (new version 3.14.1.48) but VulnDetect does not detect the installed version correctly (version 3.14.1.43 is shown)!
Here the information extracted from the EXE file:
File name and path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe Product Name: NVIDIA GeForce Experience Internal Name: NVIDIA GeForce Experience Original Filename: File Description: NVIDIA GeForce Experience Company: NVIDIA Corporation Legal Copyright: (C) 2017-2018 NVIDIA Corporation. All rights reserved. Legal Trademarks: Comments: File Version String: 64.3282.1731.5 File Version: 64.3282.1731.5 Product Version String: rel_03_14_1/5ef5d67 Product Version: 64.3282.1731.5 -
Not so good. The info is identical to that which you reported earlier:
https://vulndetect.org/topic/289/solved-geforce-experience-version-not-detected-after-update
This one may have to wait until we get the registry rules sorted. -
Should I send you the Screen Shot of the UI (where you see the version number)?
-
Maybe file-hashes would be a solution?
-
@olli_s We already do support the file hashes, but we lack a reliable mechanism, to ensure that the version you find an error in, also corresponds to the hash that we record.
And, sometimes, the version may be dependent on other than the main executable, it may be down to a DLL, a config file or some registry stuff. So even the hashes are not always a reliable solution to this. -
@Tom You are the experts, do whatever is needed to identify an application.
It should be an easy to handle (for you) way but also a reliable way. -
@olli_s I think we will provide some source code for you, so GetAppDetails also could generate the special hash that we use, this would increase the reliability.
I mean, the issue with the current system, is that I don't know if a specific file (hash) belongs to your system, nor can I be certain that it is indeed the same version of the file that was detected by secteer.exe, as you are currently running (it could have been updated since, a classic "race condition").
-
@tom said in GeForce Experience - Wrong Version detected after Update to 3.14.1.48:
I mean, the issue with the current system, is that I don't know if a specific file (hash) belongs to your system, nor can I be certain that it is indeed the same version of the file that was detected by secteer.exe, as you are currently running (it could have been updated since, a classic "race condition").
Do you mean (with the quoted lines) that the file could have been updated but have the same version number and the only method to identify it is by creating the hash?
Or did I get something wrong? -
@olli_s You are right. Both the File and Product version strings are the same for .43 and .48.
-
Here is the Help -> About Screen:
And here again the version number from the EXE:
File name and path: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe Product Name: NVIDIA GeForce Experience Internal Name: NVIDIA GeForce Experience Original Filename: File Description: NVIDIA GeForce Experience Company: NVIDIA Corporation Legal Copyright: (C) 2017-2018 NVIDIA Corporation. All rights reserved. Legal Trademarks: Comments: File Version String: 64.3282.1731.5 File Version: 64.3282.1731.5 Product Version String: rel_03_14_1/5ef5d67 Product Version: 64.3282.1731.5 -
Would be Hashes be helpful here?
-
@olli_s Yes, I believe that may be the best way to detect it. But the upcoming update will support using registry information, perhaps that is even better. So let's wait with the final decision on how to handle this and other NVIDIA apps before I have tested the registry information properly.
-
@Tom Added some new way of detecting GeForce Experience.
So the issue is solved.
