Forum Thread: Recurrent false-positive on Adobe?

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Adobe Systems
And, this specific program:
Adobe Reader 9.x

This thread has been marked as locked.
TiranaNeal Recurrent false-positive on Adobe?
Member 28th Mar, 2010 17:18
Ranking: 3
Posts: 3
User Since: 28th Mar, 2010
System Score: N/A
Location: US
Lately I've been getting alerts on Adobe Acrobat 8.x and Adobe Reader 9.x. I update these programs regularly and just got them up to spec a couple weeks ago, as I recall. Today, PSI listed them as Insecure. I re-scanned them and they cleared. This has happened three times in the last week without any updates necessary. It's annoying, not earth-shattering or anything, just annoying. Any reason this should keep happening? Is there a fix or should I just get used to it?

Thanks.
Neal

This user no longer exists RE: Recurrent false-positive on Adobe?
Member 29th Mar, 2010 10:09
Hi,

Could I please ask you to confirm that:
You've done a full rescan, which shows the programs to be insecure.
Then you did a localized rescan of just that application which shows the program to be insecure.
Is this correct?
If so, this is a know bug, where the PSI will pick up it's version numbers from a unrelated file somewhere else on your hard drive that matches our rules. The localized rescan gives the correct results in this case.

Hope this helps.
Was this reply relevant?
+0
-0

Dedek

RE: Recurrent false-positive on Adobe?
[+]
This reply has been minimised due to a negative Relevancy Score.

Maurice Joyce

RE: Recurrent false-positive on Adobe?
[+]
This reply has been minimised due to a negative Relevancy Score.

Dedek

RE: Recurrent false-positive on Adobe?
[+]
This reply has been minimised due to a negative Relevancy Score.
TiranaNeal RE: Recurrent false-positive on Adobe?
Member 29th Mar, 2010 11:19
Score: 3
Posts: 3
User Since: 28th Mar 2010
System Score: N/A
Location: US
Correct. Each morning (or so it appears) PSI has identified the two programs as insecure (Acrobat Reader 9.3.0.148 & Acrobat 8.2.0.81). I verified that the file version (in Windows Explorer) identified by PSI is the same as the identified path reported in PSI. However, when I open the programs and check Help - About, Reader identifies itself as 9.3.1 and Acrobat 8 as 8.2.1.

When I re-scanned local, both cleared (congratulations!). I ran a new manual scan and have no insecure programs. Oddly enough, PSI last ran a full scan on 23 March and wasn't scheduled to run another one until 30 March. So... why is it reporting it as insecure? If it's not from a full scan, when is it obtaining this info? How much you want to bet tomorrow (or sometime soon at any rate) I'll have two more "insecurities?"
Was this reply relevant?
+2
-0

Maurice Joyce

RE: Recurrent false-positive on Adobe?
[+]
This reply has been minimised due to a negative Relevancy Score.

Dedek

RE: Recurrent false-positive on Adobe?
[+]
This reply has been minimised due to a negative Relevancy Score.

Maurice Joyce

RE: Recurrent false-positive on Adobe?
[+]
This reply has been minimised due to a negative Relevancy Score.

Dedek

RE: Recurrent false-positive on Adobe?
[+]
This reply has been minimised due to a negative Relevancy Score.
TiranaNeal RE: Recurrent false-positive on Adobe?
Member 30th Mar, 2010 07:56
Score: 3
Posts: 3
User Since: 28th Mar 2010
System Score: N/A
Location: US
Right on schedule: Adobe Acrobat 8 and Adobe Reader 9 are listed as insecure, again. This thread got off track into other Adobe products. Any chance of a relevant reply? :-)
Was this reply relevant?
+1
-0
This user no longer exists RE: Recurrent false-positive on Adobe?
Member 30th Mar, 2010 08:44
on 30th Mar, 2010 07:56, TiranaNeal wrote:
Right on schedule: Adobe Acrobat 8 and Adobe Reader 9 are listed as insecure, again. This thread got off track into other Adobe products. Any chance of a relevant reply? :-)


Hi,

This is a know bug, and is in the hands of our developers. The problem is caused by old versions of Acrobat/Reader on other drives, and the PSI using version info from files in their subdirs instead of the version that belongs to the detected instance. Thank you for reporting it, and sorry for the trouble. In the mean time, using the local rescan should produce accurate results.

hope this helps.
Was this reply relevant?
+0
-0
hanmeng RE: Recurrent false-positive on Adobe?
Member 1st Apr, 2010 23:27
Score: 1
Posts: 1
User Since: 30th Oct 2009
System Score: N/A
Location: N/A
How do I do a "localized scan"?
Was this reply relevant?
+1
-0
Andy68 RE: Recurrent false-positive on Adobe?
Member 2nd Apr, 2010 08:14
Score: -2
Posts: 8
User Since: 2nd Apr 2010
System Score: N/A
Location: JP
After using the bloated Adobe Reader for years, I got fed up with all the security issues. This must be one of the most patched and potentially vulnerable mainstream programs used.

I have been using the free, much smaller and far more secure FOXIT for the past six months, and think it's great. Fully compatible with all PDF's. (and more)

Regarding Adobe flash player/active x control, there isn't really much choice, but to update it often.
Was this reply relevant?
+2
-0

This thread has been marked as locked.