Forum Thread: PSI misreports Acrobat DC version

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
tgmct PSI misreports Acrobat DC version
Member 5th Sep, 2017 23:55
Ranking: 0
Posts: 28
User Since: 3rd Aug, 2010
System Score: N/A
Location: US
PSI reports that Adobe Acrobat is vulnerable and needs to be updated from 15.6.30352.41391 to 15.6.30355.44268 (acrobat.exe). Windows properties shows that the file is already at version 15.6.30355.44268 and the Acrobat DC "about" popup also shows the version at 15.6.30355. The secunia application list shows that the software is updating even after multiple "scan again" actions both before and after rebooting the machine. I have screenshots but it does not appear that I can upload them via this api.

Maurice Joyce RE: PSI misreports Acrobat DC version
Handling Contributor 7th Sep, 2017 20:58
Score: 12296
Posts: 9,546
User Since: 4th Jan 2009
System Score: N/A
Location: UK
You can post screenshots using this method.

POSTING A SCREEN SHOT TO THE FORUM

To post a screen shot to the Forum you need to:

1. Capture the image by using a programme such as:
a. Microsoft Paint
b. Microsoft One Note
c. Microsoft Snippet
d. Any third party equivalent programme.

2. Save the image to an online repository such as Microsoft OneDrive or a third party programme like Dropbox.

3. Post the hyperlink to the stored online image to the Forum. Use CTRL+C to copy & CTRL+V to paste.

PSI must be showing you the rogue file as a scan result. Right click on it and select show details. It will show you the path to the problem. Double click on the path and it will open File Explorer so you can identify it. Once found you can manually delete it.



--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1709 (Fall Creators Update) Build 16299.64
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0
tgmct RE: PSI misreports Acrobat DC version
Member 8th Sep, 2017 02:56
Score: 0
Posts: 28
User Since: 3rd Aug 2010
System Score: N/A
Location: US
Last edited on 8th Sep, 2017 02:58
Sorry, I do not link any of my cloud accounts to anyone that I don't personally know, and then only rarely. If your forum had upload functionality (like most), I would place them there or some other sftp or cloud location that YOU have.

Not a rogue file. As I noted earlier, the properties of the file that PSI path shows that the file is current (acrobat.exe). I'm wondering if PSI is aware of the multiple license models that Adobe has these days and possibly not analyzing the target file properly where it could have multiple different sizes that would be current.
Was this reply relevant?
+0
-0
Maurice Joyce RE: PSI misreports Acrobat DC version
Handling Contributor 8th Sep, 2017 09:59
Score: 12296
Posts: 9,546
User Since: 4th Jan 2009
System Score: N/A
Location: UK
You can look up in the advisory section what variants of acrobat are affected by SA78358. This highly critical vulnerability dated August 2017 consists of 67 components that require patching to make the named acrobat versions secure.

If you think an acrobat version is missing from the advisory list you can always suggest it to Flexera with the tool provided within PSI.

You have written your post in such a way that I think you believe I am somehow connected to Flexera. Like every other member I do not work for,represent or have any contact with Flexera.

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1709 (Fall Creators Update) Build 16299.64
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0

This thread has been marked as locked.