Forum Thread: 2.0b versus Windows Applications Insecure Library Loading

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI 2.0 Beta

This thread has been marked as locked.
Dwarden 2.0b versus Windows Applications Insecure Library Loading
Member 19th Sep, 2010 10:08
Ranking: 0
Posts: 17
User Since: 23rd Dec, 2007
System Score: N/A
Location: CZ
Hello,

so i noticed this nice list of Windows Applications Insecure Library Loading

http://secunia.com/advisories/windows_insecure_lib...

my surprise wasn't that i discovered several applications on this list i have installed
it was that they weren't reported by PSI 2.0 beta as 'insecure/unpatched/threat'

let's name few as example

DivX 8.1 player plus
http://secunia.com/advisories/41408

Ultraedit v16
http://secunia.com/advisories/41103

MS VC++
http://secunia.com/advisories/40983

Tortoise SVN
http://secunia.com/advisories/41259

Winamp
http://secunia.com/advisories/41093

and many others

i think this is quite serious flaw in PSI
as it not inform about such vulnerabilities in installed programs at all ...

This user no longer exists RE: 2.0b versus Windows Applications Insecure Library Loading
Member 20th Sep, 2010 08:56
Hi,

All of the advisories you linked are (As of 20/09/10) "unpatched". This means that the vendor has not issued security fixes for them, and therefore the PSI will not flag them as Insecure, since no solution exists.

However, there has already been several user requests for a "unpatched vulnerabilities" feature, and your feedback will be considered.
Was this reply relevant?
+0
-0
Dwarden RE: 2.0b versus Windows Applications Insecure Library Loading
Member 21st Sep, 2010 21:36
Score: 0
Posts: 17
User Since: 23rd Dec 2007
System Score: N/A
Location: CZ
thanks,

it would really help to notice insecure applications way faster
(and even force users to look if there is any temporary workaround)
Was this reply relevant?
+0
-0

This thread has been marked as locked.