Forum Thread: MS10-019 on Windows 7 x64

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Microsoft
And, this specific program:
Microsoft Windows 7

This thread has been marked as resolved.
lamaslany MS10-019 on Windows 7 x64
Member 21st Jan, 2011 14:18
Ranking: 22
Posts: 19
User Since: 8th May, 2009
System Score: N/A
Location: N/A
I know that this has been raised before but I too have PSI 2.0 reporting a faux-detection of an insecurity (it is unable to find an instance of the affected files). Specifically it reports that Microsoft Service Patch KB978601 is not installed.

This was a fresh build on Wednesday and all Windows Updates have been installed. Rather than uninstalling an existing KB, installing an older KB and then installing the newer KB shouldn't PSI be updated to reflect that the newer KB mitigates the need for the older KB?

Kind regards,

Post "RE: MS10-019 on Windows 7 x64" has been selected as an answer.
Maurice Joyce RE: MS10-019 on Windows 7 x64
Handling Contributor 22nd Jan, 2011 17:01
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Not sure whether U have seen this?

http://secunia.com/community/forum/thread/show/727...

Just an uninstall then manually reinstall vis MS Downloads fixed it.

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+2
-0
This user no longer exists RE: MS10-019 on Windows 7 x64
Member 24th Jan, 2011 10:33
Hi,

Have you tried walking through this item of our FAQ?
http://secunia.com/vulnerability_scanning/personal...

Hope this helps.
Was this reply relevant?
+0
-0
lamaslany RE: MS10-019 on Windows 7 x64
Member 24th Jan, 2011 11:52
Score: 22
Posts: 19
User Since: 8th May 2009
System Score: N/A
Location: N/A
on 22nd Jan, 2011 17:01, Maurice Joyce wrote:
Not sure whether U have seen this?

http://secunia.com/community/forum/thread/show/727...

Just an uninstall then manually reinstall vis MS Downloads fixed it.

I had seen that; yes. In fact that is why I created this thread... :)

While I do not doubt that would have worked my issue was that such a workaround should not be necessary. Whatever logic PSI uses to determine whether a vulnerable component is present should have been able to identify that despite not having that particular update installed the vulnerability was not present - in this case because another update had updated the affected file(s).

Sure I get what I pay for but I would be less confident in recommending PSI to less-technical friends and colleagues if they will be getting erroneous warnings that can only be cleared by uninstalling and re-installing updates...

In any case I would have presumed that corporate entities that pay for Secunia CSI wouldn't be too happy if they were forced to apply updates in a particular order just so CSI doesn't report a false-positive vulnerability.


on 24th Jan, 2011 10:33, wrote:
Hi,

Have you tried walking through this item of our FAQ?
http://secunia.com/vulnerability_scanning/personal...

Hope this helps.

In this instance it did not help. It was a fresh Windows 7 build with all updates listed by Windows Updates applied. I did this twice to be sure. The issue was I believe due to a false-positive caused by the scanning logic of PSI (I would be happy to be corrected). I am assuming that the scanning rules at that time had not been updated to reflect that a new update had been released that superseded the need to install the old one.



All that said both machines now report that the issue has 'resolved' itself. No additional patches were applied or workarounds attempted. This again re-enforces my belief that this was a false-positive by PSI.


Many thanks for your replies.

Kind regards,
Was this reply relevant?
+1
-0
This user no longer exists RE: MS10-019 on Windows 7 x64
Member 24th Jan, 2011 12:18
Hi,

Thank you for your feedback and experiences. We will be investigating the issue further, and hopefully it will be solved in a future version.

If you notice any other complications or problems, please notify us immediately.
Was this reply relevant?
+0
-0

This thread has been marked as locked.