lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <57bfe46c0702261247p7ceade00ra43dd0c0a3326bd7@mail.gmail.com>
Date: Mon, 26 Feb 2007 21:47:51 +0100
From: "David ROBERT" <david@...repixel.com>
To: bugtraq@...urityfocus.com
Subject: Secunia Software Inspector OS Security Assessment problem

Hello,

Secunia Software Inspector is an online tool which detects insecure versions
of applications installed and  verifies that all Microsoft patches are applied.

It runs through your browser, need java and no installation or
download is required.

The problem is that in case your computer can't connect to windows
update servers
(many reasons for that *) it will give you a wrong information that your Windows
Operation system is up to date with all security related patches from Microsoft
are installed even if this is not true (!).

So be careful about that, global status will report 1 error detected
about an error
while searching for missing windows updates.  But Status for the OS patch
level will be Ok (green) ! :

Microsoft Windows is up-to-date, Your system has all security related patches
for Microsoft installed

(*) There can be many reasons (network problem, firewalls, etc.) for your
computer not to be able to connect to windows update servers.And a lot of
personal firewalls and anti virus tools (like Sophos, Mac Afee Virus scan)
will not allow svchost.exe to open a connexion to the wild world. svchost.exe
is the process which will try to connect to the windows update servers.

Secunia has been advised about this problem.

David ROBERT
http://ombrepixel.com/drobert/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ