Posts made by Tom

I can see, however, "pro" does not seem to be used in any way on the website and if you search for "xinorbis pro", only unofficial sites and threads here on vulndetect.org come up:
https://duckduckgo.com/?q="xinorbis+pro"
https://www.google.com/search?source=hp&q="xinorbis+pro"

It is far more important, that people can Duck or Google for the names and versions used by VulnDetect and be reasonable certain to find the official vendor pages, security bulletins and identify the correct download or support article, rather than matching whatever is shown in the GUI of the product.

It would be nice if we could fix this, but there is no good or easy solution when vendors are inconsistent in naming and versioning.

Thank you, now added

When we added a rule for it, there was no mentioning of 3.18.0.94, only of 3.18.0.92 (which is beta) and of 3.17.0.126 which was the recommended.

And this thread on the forum strongly indicated that .94 indeed also was / is beta:
https://forums.geforce.com/default/topic/1103472/geforce-experience/geforce-experience-3-18-0-94/

But, I can see that they updated the website yesterday and now consider 3.18.0.94 as stable and as the recommended and latest version.

It was added last week

Detection added

This is a very interesting case indeed.

While VulnDetect has the capability of detecting libraries, then this is beyond the current scope of VulnDetect.

However, due to the fact that this is being actively exploited and I can see that there is a LOT of software, including Avira AntiVir, WinRAR, XnView, PeaZip, Bandizip, SpeedCommander, and tonnes of software I never heard about, that utilizes it and sounds like it could provide attack vectors, I will add it for now.

But do not expect us to support libraries in general, anytime soon.

Later in the week, when the second iteration of our bundling is going live, then I will let the security state of unacev2.dll affect the state of the parent program.

@GregAlexandre

Cygwin is likely to bundle a lot of other software, please report when you see software that comes bundled with Cygwin, but which is displayed as independent installs.

@OLLI_S said in Grouping multiple (vulnerable) programs:

What about also bundling multiple instances of the same application?

• FreeCommander XE
  ....

And what about bundling 32-Bit and 64-Bit instances of the same application?
....

The rule of thumb that we will apply to bundling is the following:
If an installer installs both 32bit and 64bit versions, then we intend to bundle them.
If it requires downloading and running two different installers, then it will not be bundled.

In your example with FreeCommander, then we will bundle them, if the "backup" folder is created by the installer. If you created it manually, then we usually consider it separate installations (but manually moving exe files may class with the bundle specifications).
The PortableApps will generally not be considered bundled, but rather separate installations.

Finally, we are getting ready to launch this new feature. We have run the first tests in the test environment and are ready to update the backend either tomorrow or Monday.

The first iteration will hide (disregard) the bundled apps.

However, we expect to make an update for the UI very soon, that will allow you to view the hidden bundled applications.

Please, do start to report bundled applications, in most cases, all we need is a copy of the path of e.g. Java, Flash, curl or whatever program that is part of another parent installation.

Thank you for reporting this.
The rule has been updated, Build 15470 is considered OK.

Cygwin has been addded

Detection for Cygwin has been added.
However, Cygwin will be "Untracked" because the security information available is sporadic.

@OLLI_S No, just leave this open. This is still relevant for VulnDetect.

@OLLI_S Leave the topic open, I still think it is relevant for VulnDetect to support this. But it will not happen soon.

@OLLI_S Because only two users run Ahnenblatt, so we don't see it that fast.
And the English Ahnenblatt website is always after the German. So even on they day where we did add "recommended" for 2.99h, the English website still recommended 2.99g.

Changing the recommended version is always something that requires manual work on our side, so just because someone installs a newer version, we will continue to recommend the "old" version until we confirm that the new version is official and recommended by the vendor.

You are right. It is a known non-feature.

It will be fixed eventually, but there is no ETA on that.