Posts made by Tom

Thank you

Lookup and new channel added.

This should be updated

Hi Greg,
Is there more than one ClickToRun.exe detection in the bundle?
Excel and Office Build 11929.20254 should be detected as Insecure and the other Office products should be detected as OK.
Current "OK" is Build 11929.20300 for the Monthly and Semi-Annual Targeted channels for all products.
Kind regards,
Tom

@OLLI_S I believe we talked about that name before, there is almost no references to Xinorbis Pro, he almost exclusively uses Xinorbis, both in the app and on the site. So the name will not be changed.

@OLLI_S I believe the width was increased last week

Thank you
I believe this has been resolved now

@OLLI_S I agree

We added a lookup, so we will start collecting the files now. More details will be added once we see the files in our todo.

If you could send me a private message with the email address for that account, then it would be even better, then I will go in and look at the raw data.
I just checked a few of my test hosts with a similar Chrome / Flash install, and it is bundled correctly, so looking at your raw data could be useful.

@OLLI_S Very interesting idea.
But don't you think that VulnDetect users are too concerned with privacy issues to purchase an Alexa device?

@GregAlexandre I believe this is resolved.
The reason is that we use the version string, if there is no Specific Rule for that version, but once we add a Specific Rule, then the version will be rewritten.
We did, however, change the default version to the number, rather than the string.
Thank you

@OLLI_S Like I said below, then this is not the same case as the other ones you mentioned.

The purpose of bundling is not to include all executables or libraries.

In the case of FreeFileSync it is sufficient to detect the "launcher" as it contains sufficient with information and the vendor seems to have a solid policy of supplying useful and updated version information in both the launcher and the architecture specific executables.

Bundling is primarily used to "bundle" certain applications (or in some cases libraries) such as 7-Zip, Java, Flash, NodeJS and others, which shouldn't be updated separately, but rather together with the program that bundles these.

Coincidentally, bundling is also useful in the cases where the original vendor supplies multiple main executables (either with different architectures or due to updates) and these happen to be the best choice for detecting the presence of the program.

We only display bundled programs, because we know that many power users such as you and @Anselm (I guess) like to know about these and their security state (and so do I )

Then you just need to do an "Inspect This Computer" and minutes later it will be updated
The rule is less than an hour old... And a new rule requires a new inspection.

Thank you, yes, Xinorbis, the Arc Client and a few other needs to be handled in a different way, so I need you and other users to report new / unknown versions here in the forum or via the chat.

We did some work on the Monthly Channel yesterday, can you try to reload the results and check?

@GregAlexandre I have removed the Internal flag, so after next scan you should be able to see it.

@GregAlexandre
VulnDetect detects both NirSoft IconsExtract and IcoFX.
Remember, it is only the older (portable) versions of IcoFX that are vulnerable, if you install the latest, then there is no issues.
If you find another tool, then let me know and we will add detection for that.

@cdqEAW67 Awesome and thank you