SecTeer VulnDetect Support Forum VulnDetect
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Download VulnDetect Installer
    • Register
    • Login

    [Added] Spotify (Windows Store) - App-Request

    Added App Requests
    windows-store app-request
    2
    7
    2.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • OLLI_SO
      OLLI_S Community Moderator
      last edited by OLLI_S

      Name of the app:
      Spotify (Windows Store-Version)

      Developer:
      Spotify Ltd

      Website:
      https://www.spotify.com

      Download Site:
      https://www.spotify.com/download/windows/

      Version number displayed in the app:
      1.0.95.289.g342899da (Windows Store-Version)

      App-Icon: (in ICO format)

      Spotify_Icon_256x256.ico

      Notes:

      • You should display the version number 1.0.95.289

      Here the information extracted from the EXE file:

      File name and path:     C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe
Product Name:           Spotify
Internal Name:          Spotify
Original Filename:      Spotify.exe

File Description:       Spotify
Company:                Spotify Ltd
Legal Copyright:        Copyright (c) 2018, Spotify Ltd
Legal Trademarks:       
Comments:               

File Version String:    1.0.95.289
File Version:           1.0.95.289
Product Version String: 1.0.95.289
Product Version:        1.0.95.289
      1 Reply Last reply Reply Quote 0
      • OLLI_SO
        OLLI_S Community Moderator
        last edited by OLLI_S

        Currently I have 3 apps in VulnDetect that are downloaded from the Windows Store:

        • paint.net
        • Spotify
        • TreeSize Free

        As we have the common suggestion Mark Windows 10 Store Apps in the List of Apps we can mark this issue as solved.

        1 Reply Last reply Reply Quote 0
        • T
          Tom VulnDetect Team Member @OLLI_S
          last edited by

          @OLLI_S I agree.

          But we want to make something generic, that allows us to make that distinction globally, rather than making odd exceptions in the Rules. So right now we will avoid apps that only exist Windows Store and focus on regular desktop apps.

          And then it is just a bonus that Spotify and Paint .Net are matched by the same Rules regardless of how you installed it.

          /Tom
          Download the latest SecTeer VulnDetect agent here:
          https://vulndetect.com/dl/secteerSetup.exe

          1 Reply Last reply Reply Quote 0
          • OLLI_SO
            OLLI_S Community Moderator
            last edited by

            It is important that you Mark Windows 10 Store Apps in the List of Apps because these apps can only be updated via the Windows Store.

            T 1 Reply Last reply Reply Quote 0
            • T
              Tom VulnDetect Team Member
              last edited by

              The Rule we created matches both the regular desktop app and the Windows Store app. And just like Paint .Net it seems to follow the same versions, so no need for a distinction.

              /Tom
              Download the latest SecTeer VulnDetect agent here:
              https://vulndetect.com/dl/secteerSetup.exe

              1 Reply Last reply Reply Quote 0
              • OLLI_SO
                OLLI_S Community Moderator
                last edited by OLLI_S

                @Tom Spottify is now shown.
                Do you want to add the text "(Windows Store)" behind the name or a label "Windows Store" behind the name?
                In my opinion labels should also be shown behind the name and the version number (depending on the label).

                1 Reply Last reply Reply Quote 0
                • T
                  Tom VulnDetect Team Member
                  last edited by

                  It has a vuln similar to that in Amazon Music Player, found by the same researcher.

                  Spotify now added with Generic Rule. Specific Rules will follow.

                  /Tom
                  Download the latest SecTeer VulnDetect agent here:
                  https://vulndetect.com/dl/secteerSetup.exe

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

                  Please see our Privacy and Data Processing Policy
                  Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
                  Forum software by NodeBB