Forum Thread: After XML Core Services v. 6.X(32 and 64bit) comes up, IE7(not on...

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Microsoft
And, this specific program:
Microsoft Internet Explorer 7.x

This thread has been marked as locked.
jonsca After XML Core Services v. 6.X(32 and 64bit) comes up, IE7(not on system)shows up in insecure browsing..
Member 4th Sep, 2009 04:01
Ranking: 0
Posts: 4
User Since: 4th Sep, 2009
System Score: N/A
Location: N/A
... around 35-40 times??

After my latest Secunia scan, I came up with the Visual C++ 2005/2008 problem which I hope will be resolved soon. However, I was also notified about the MSXML Core Services 6.X (I have Vista64 so it lists both 32 and 64 bit versions) and subsequently I was notified of 35-40 instances of IE7 that were insecure, even though I upgraded to IE8 months ago.
I'm hoping this is only due to some kind of bug as the scanner hadn't picked up any of this until this morning.

-Jon

MaritimeRider RE: After XML Core Services v. 6.X(32 and 64bit) comes up, IE7(not on system)shows up in insecure browsing..
Member 4th Sep, 2009 04:46
Score: 22
Posts: 174
User Since: 15th Mar 2009
System Score: N/A
Location: CA
Hello jonsca. First, you need to clarify your join date. As this is showing Sept.04/09 and today is Sept.03/09, is this a typo error or are you going back in time? Time travel is over the horizon. :).Now to the issue
I work with 34bit so 64bit is unfamiliar to me. Yet I would think if 64bit is installed,any programs should be compatible for 64bit. I use a small program called Revo uninstaller. It's free and is excellent for removing programs,even difficult. If you download that and run a session, it will pick out programs that have leftovers on your system. Easy to use and accurate. Just follow the directions.
Also, if all else fails and IE7 is still showing up as insecure, there is the ignore list. Add it to that and you will stop getting false reports. Now IE8 which was supposed to be so insecure was given a blog based on security and it showed as the best over the big names. This writeup can be found on this site,pulished to site by a member. You sound as if you knew what you were talking about but if you are indeed a new user, don't forget to check your firewall. This may be blocking entry>insecure. And always do a full scan from the site,before you check to see if you were successful
Jon I hope this helps you. I'logging off shortly but will check in the a.m.Any problem has a successful resolution
.
Was this reply relevant?
+0
-0
jonsca RE: After XML Core Services v. 6.X(32 and 64bit) comes up, IE7(not on system)shows up in insecure browsing..
Member 4th Sep, 2009 05:01
Score: 0
Posts: 4
User Since: 4th Sep 2009
System Score: N/A
Location: N/A
Hehe. Join date as reflected by local time, Europe wherever their servers are.

All good suggestions. I'm not going to be removing anything just yet because I think it's a flaw (or a false positive) on their end. My bewilderment is at the 35-40 browser instances (so usually I have 4 browsers under the "Secure Browsing" tab in the advanced mode, Chrome (noted as secure), IE8(32bit edition, insecure and can't be patched), IE8(64bit edition, insecure and can't be patched), and Firefox (secure)). It now lists IE7 repeatedly with about 8 insecure subcomponents to it even though I explicitly upgraded to IE8 (and the Secunia reflected as such) months ago.

I think it's related to the MSXML Core Services (though I'm not sure how) but I was just wondering if anyone else ran into the same problem -- alone or in conjunction with the Visual C++ runtime fiasco.

-Jon
Was this reply relevant?
+0
-0
Slamgeden RE: After XML Core Services v. 6.X(32 and 64bit) comes up, IE7(not on system)shows up in insecure browsing..
Member 4th Sep, 2009 10:03
Score: 0
Posts: 181
User Since: 17th Jul 2009
System Score: N/A
Location: N/A
Thing seems to be fixed. Try now.
Also, Secunia is based in Denmark. It's all here on the website.

--
Assorted Fnords.
Was this reply relevant?
+0
-0
jonsca RE: After XML Core Services v. 6.X(32 and 64bit) comes up, IE7(not on system)shows up in insecure browsing..
Member 4th Sep, 2009 11:23
Score: 0
Posts: 4
User Since: 4th Sep 2009
System Score: N/A
Location: N/A
Some improvement. Mentions of IE7 gone from Secure Browsing tab. All the MS XML Core Services are gone.

Visual C++ runtimes all still listed but I'm willing to wait that one out.

Yeah, I knew they were in Denmark but their servers could be anywhere. LoL I wasn't worried, he was.
Was this reply relevant?
+0
-0
cgordon311 RE: After XML Core Services v. 6.X(32 and 64bit) comes up, IE7(not on system)shows up in insecure browsing..
Member 4th Sep, 2009 16:29
Score: 3
Posts: 9
User Since: 4th Sep 2009
System Score: N/A
Location: N/A
Hello. I have windows vista 64 as well and this mourning I ran a scan and found the exact same problems as you. Both microsoft vulnerabilities and false internet explorer 7. The only thing I have done differently since my last scan was install the new service pack 2 for vista. When I installed the update there was a compatibility warning. I hesitated then decided to contact microsoft. I spent an hour on the phone and chat with them to run a bunch of tests for digitily signed drivers and stuff. In the end I had no problems with my computer and Microsoft told me to ignore the warning.

The install went well and I did not notice anything until this mourning. Microsoft has done something to our 2 files (Microsoft XML Core Services (MSXML)and Microsoft Visual C++ 2005 Redistributable Package ) that are giving us problems. This in turn has caused the false positive with IE 7. I know this because I uninstalled both microsoft files and ran the scan again and everything is back to normal.

I tried to do some research to find out if I needed these 2 files and I did not find out much.

1:Brief Description

The Microsoft Visual C++ 2005 Redistributable Package (x64) installs runtime components of Visual C++ Libraries required to run 64-bit applications developed with Visual C++ on a computer that does not have Visual C++ 2005 installed.

(http://www.microsoft.com/downloads/details.aspx?fa...)

I don't do programing so I can't see why I would need this. I ran windows update and windows did not think I needed any updates so I left it at that. There is however, an updated file; Microsoft Visual C++ 2008 Redistributable Package (x64)

updates link: http://www.microsoft.com/downloads/details.aspx?fa...

2:Overview

MSXML 4.0 Service Pack 2 (SP2) is a complete replacement of MSXML 4.0 and MSXML 4.0 Service Pack 1 (SP1). MSXML 4.0 SP2 provides a number of security and bug fixes. For more information about MSXML 4.0 SP2 see the release notes.


(http://www.microsoft.com/downloads/details.aspx?fa...)

Once again windows update does not seem to think I need these files on my computer. However, I did notice that there is a later version of this file; Microsoft Core XML Services (MSXML) 6.0.

Updates Link: http://www.microsoft.com/downloads/details.aspx?Fa...

I have not updated or reinstalled either of these 2 files and windows update/psi are not seeing any problems. I think I will leave it alone until something requires these files to work.

Hope I was helpful!

Correy
Was this reply relevant?
+0
-0
jonsca RE: After XML Core Services v. 6.X(32 and 64bit) comes up, IE7(not on system)shows up in insecure browsing..
Member 4th Sep, 2009 17:07
Score: 0
Posts: 4
User Since: 4th Sep 2009
System Score: N/A
Location: N/A
Thanks for all the info, it's definitely helpful to know others shared a similar bewilderment at the error. Rescanning your system (full scan) at this point should eliminate the false IE7 stuff, or at least it worked on mine. You will probably find you'll run into needing the missing runtimes as I think parts of Office use either the 2005 or 2008. They are not just meant for programmers as they provide many of the DLLs needed to run programs compiled in either of those code bases.
Was this reply relevant?
+0
-0
MaritimeRider RE: After XML Core Services v. 6.X(32 and 64bit) comes up, IE7(not on system)shows up in insecure browsing..
Member 5th Sep, 2009 18:10
Score: 22
Posts: 174
User Since: 15th Mar 2009
System Score: N/A
Location: CA
Wasn't able to open the secunia site on the 5th so did not get back to you sooner. Glad you are satisfied. Safe surfing.:).
Was this reply relevant?
+0
-0
cgordon311 RE: After XML Core Services v. 6.X(32 and 64bit) comes up, IE7(not on system)shows up in insecure browsing..
Member 6th Sep, 2009 05:04
Score: 3
Posts: 9
User Since: 4th Sep 2009
System Score: N/A
Location: N/A
Hell again,


Sorry about this delayed response. Thank you for mentioning the runtimes being associated with Microsoft Office. I have since downloaded the 2008 redistributional package and windows offered a security update after the insatall. Since then hasn't shown up as insecure.

Thanks again!

Correy Gordon
Was this reply relevant?
+0
-0
lindev 1 RE: After XML Core Services v. 6.X(32 and 64bit) comes up, IE7(not on system)shows up in insecure browsing..
Member 25th Oct, 2009 21:30
Score: 0
Posts: 1
User Since: 23rd Oct 2009
System Score: N/A
Location: N/A
You har problem with IE7
Mvh., Per Thomsen
Was this reply relevant?
+0
-0

This thread has been marked as locked.