# Software security Scan



## Ariesjill (May 16, 2006)

Not sure if plain member can post here.....but if so, this is from Dr. Gizmo's newsletter I get,,,,today's edition:

5.1 How to Ensure You Don't Have Vulnerable Software on Your PC


If you want to keep your PC secure it's essential that all your software is kept up to date with the latest security patches.

When I say all your software, I mean all, not just Windows and Office. For example, is your version of Adobe Reader up-to-date? How recent is your Java and your Flash plug-in? Well, I hope they are up-to-date as earlier versions of all these products have critical security flaws that could allow an intruder to take over your PC.

As a typical PC may have dozens of products installed it's a big task to ensure each and every product has been updated. However, security company Secunia has just made it a lot easier.
Secunia is offering a free online scan of your software that checks the product versions you are running against their extensive database of known flaws. You get a full report showing what products to update and where to get the updates. It's Java based so will run on any modern browser and the whole thing only takes a minute or so.

Every one of my PCs needed at least one product update. This came as a shock to me as I consider myself quite diligent in keeping my software up-to-date.

This is one of the best free security services I've seen so make a visit to this site part of your regular PC maintenance. Thanks to David Hahn for letting me know about this.

http://secunia.com/software_inspector/
______________________________________
Edit:

OK, just ran this thing. It naturally did both drives.....I will paste results, litytle upsetting, but I need 2 go thru each thing 2 C if not having updates really puts me at risk. but FYI:

Secunia Software Inspector 
The Secunia Software Inspector will inspect your operating system and software for insecure versions and missing security updates. A default inspection normally lasts 5-40 seconds, while a thorough inspection may take several minutes. Note: If you have anti-virus software or similar enabled, an inspection may increase significantly in duration. 
Detection Statistics:

35 Applications Detected in Total
19 Insecure Versions Detected
16 Secure Versions Detected

Running For: 
7 Minutes, 47 Seconds

Errors Detected: 
0 Errors Detected 
Enable thorough system inspection.
Enable the Secunia Software Inspector to search for software installed in non-default locations.

TIP! While the inspector runs, be sure to sign up for the reminder service! Clicking won't stop your current inspection. 
Status / Currently Processing:

Detection completed successfully 

Applications / Result Version Detected Status 
Microsoft Windows XP Professional Service Pack 2 

Adobe Reader 7.x 7.0.8.218 
This installation of Adobe Reader 7.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 7.0.8.218, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 7.0.9.

Update Instructions:
Update to Adobe Reader 8.0 or 7.0.9.
http://www.adobe.com/products/acrobat/readstep2.html

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA23666 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe 
Apple QuickTime 7.x 7.1.3.170 
This installation of Apple QuickTime 7.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 7.1.3.170, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 7.1.5.0.

Update Instructions:
Update to version 7.1.5 or later.
http://www.apple.com/quicktime/download/win.html

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA24359 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
C:\Program Files\QuickTime\QuickTimePlayer.exe 
Microsoft Internet Explorer 7.x 7.0.6000.16414 

Microsoft Outlook Express 6 6.00.2900.2180 

Microsoft Windows Media Player 10.x 10.00.00.3802 

RealPlayer 6 6.0.9.584 
This installation of RealPlayer 6 is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 6.0.9.584, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 6.0.12.1483.

Update Instructions:
Update to version 6.0.12.1483 or later.

Perform the following steps:
1) In the Tools menu select Check for Update.
2) Select the box next to the "Security Update – March 2006" component (provides full player).
3) Click Install to download and install the update.

Or download the following file:
http://service.real.com/realplayer/security/03162006_player/win32patch.rnx

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA19358 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
C:\Program Files\Real\RealPlayer\realplay.exe 
WinZip 10.x 10. (6667) 
This installation of WinZip 10.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 10. (6667), however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 10.0.7245.0.

Update Instructions:
Update to version 10.0 Build 7245.
http://www.winzip.com/

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA22891 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
C:\Program Files\WinZip\WINZIP32.EXE 
ZoneAlarm 6.x 6.5.737.000 

Adobe Flash Player 9.x 9.0.28.0 

Macromedia Flash Player 5.x 5.0.42.0 
This installation of Macromedia Flash Player 5.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 5.0.42.0, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 9.0.28.0.

Update Instructions:
Update to version 9.0.28.0.
http://www.macromedia.com/go/getflash

NOTE: When updating Flash Player, older versions are not always automatically removed from your system. If older versions were detected that you believe should not be present, then please contact the vendor regarding how to remove them from your system.

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA22467 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
C:\WINDOWS\SYSTEM32\Macromed\Flash\swflash.ocx 
Sun Java JRE 1.5.x / 5.x 5.0.50.5 
This installation of Sun Java JRE 1.5.x / 5.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 5.0.50.5, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 5.0.100.1.

Update Instructions:
Update to 5.0 Update 10 or later.
http://www.java.com/en/download/manual.jsp

NOTE. Older versions of Sun Java are not removed from your system when downloading and installing new versions from Sun. Therefore, if you have the latest Sun Java version installed, then you should consider removing all older versions of Sun Java from your system. This can be done via "Add/Remove Programs" in the Microsoft Windows "Control Panel". If you are in doubt about removing older versions of Sun Java then please contact the vendor for assistance.

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA23757 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
C:\Program Files\Java\jre1.5.0_05\bin\java.exe 
Sun Java JRE 1.5.x / 5.x 5.0.80.3 
This installation of Sun Java JRE 1.5.x / 5.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 5.0.80.3, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 5.0.100.1.

Update Instructions:
Update to 5.0 Update 10 or later.
http://www.java.com/en/download/manual.jsp

NOTE. Older versions of Sun Java are not removed from your system when downloading and installing new versions from Sun. Therefore, if you have the latest Sun Java version installed, then you should consider removing all older versions of Sun Java from your system. This can be done via "Add/Remove Programs" in the Microsoft Windows "Control Panel". If you are in doubt about removing older versions of Sun Java then please contact the vendor for assistance.

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA23757 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
C:\Program Files\Java\jre1.5.0_08\bin\java.exe 
Sun Java JRE 1.5.x / 5.x 5.0.110.3 

Sun Java JRE 1.5.x / 5.x 5.0.60.5 
This installation of Sun Java JRE 1.5.x / 5.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 5.0.60.5, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 5.0.100.1.

Update Instructions:
Update to 5.0 Update 10 or later.
http://www.java.com/en/download/manual.jsp

NOTE. Older versions of Sun Java are not removed from your system when downloading and installing new versions from Sun. Therefore, if you have the latest Sun Java version installed, then you should consider removing all older versions of Sun Java from your system. This can be done via "Add/Remove Programs" in the Microsoft Windows "Control Panel". If you are in doubt about removing older versions of Sun Java then please contact the vendor for assistance.

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA23757 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
C:\Program Files\Java\jre1.5.0_06\bin\java.exe 
Sun Java JRE 1.5.x / 5.x 5.0.100.3 

Adobe Flash Player 9.x 9.0.28.0 

Adobe Reader 7.x 7.0.8.218 
This installation of Adobe Reader 7.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 7.0.8.218, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 7.0.9.

Update Instructions:
Update to Adobe Reader 8.0 or 7.0.9.
http://www.adobe.com/products/acrobat/readstep2.html

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA23666 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
E:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe 
Apple QuickTime 7.x 7.1.3.170 
This installation of Apple QuickTime 7.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 7.1.3.170, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 7.1.5.0.

Update Instructions:
Update to version 7.1.5 or later.
http://www.apple.com/quicktime/download/win.html

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA24359 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
E:\Program Files\QuickTime\QuickTimePlayer.exe 
Macromedia Flash Player 5.x 5.0.42.0 
This installation of Macromedia Flash Player 5.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 5.0.42.0, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 9.0.28.0.

Update Instructions:
Update to version 9.0.28.0.
http://www.macromedia.com/go/getflash

NOTE: When updating Flash Player, older versions are not always automatically removed from your system. If older versions were detected that you believe should not be present, then please contact the vendor regarding how to remove them from your system.

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA22467 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
E:\WINDOWS\system32\Macromed\Flash\swflash.ocx 
Macromedia Flash Player 6.x 6.0.80.0 
This installation of Macromedia Flash Player 6.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 6.0.80.0, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 6.0.88.0.

Update Instructions:
Update to version 6.0.88.0 or 9.0.28.0.
http://www.macromedia.com/go/getflash

NOTE: When updating Flash Player, older versions are not always automatically removed from your system. If older versions were detected that you believe should not be present, then please contact the vendor regarding how to remove them from your system.

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA22467 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
E:\Program Files\Common Files\AOL\Flasha.ocx 
Macromedia Flash Player 6.x 6.0.80.0 
This installation of Macromedia Flash Player 6.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 6.0.80.0, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 6.0.88.0.

Update Instructions:
Update to version 6.0.88.0 or 9.0.28.0.
http://www.macromedia.com/go/getflash

NOTE: When updating Flash Player, older versions are not always automatically removed from your system. If older versions were detected that you believe should not be present, then please contact the vendor regarding how to remove them from your system.

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA22467 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
C:\Program Files\Common Files\AOL\Flasha.ocx 
Microsoft Internet Explorer 7.x 7.0.6000.16414 
This installation of Microsoft Internet Explorer 7.x is insecure and potentially exposes your system to security threats!

Your system does not have all security related patches from Microsoft installed. Please see list below for details about the missing patches.

Update Instructions:
You do not have the following Microsoft security updates installed:
KB928090
KB928090

Visit Windows Update to install the missing patches.

Installed on Your System in:
E:\Program Files\Internet Explorer\iexplore.exe 
Microsoft Outlook Express 6 6.00.2900.2180 

Microsoft Windows Media Player 10.x 10.00.00.3802 

RealPlayer 6 6.0.9.584 
This installation of RealPlayer 6 is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 6.0.9.584, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 6.0.12.1483.

Update Instructions:
Update to version 6.0.12.1483 or later.

Perform the following steps:
1) In the Tools menu select Check for Update.
2) Select the box next to the "Security Update – March 2006" component (provides full player).
3) Click Install to download and install the update.

Or download the following file:
http://service.real.com/realplayer/security/03162006_player/win32patch.rnx

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA19358 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
E:\Program Files\Real\RealPlayer\realplay.exe 
Sun Java JRE 1.5.x / 5.x 5.0.50.5 
This installation of Sun Java JRE 1.5.x / 5.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 5.0.50.5, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 5.0.100.1.

Update Instructions:
Update to 5.0 Update 10 or later.
http://www.java.com/en/download/manual.jsp

NOTE. Older versions of Sun Java are not removed from your system when downloading and installing new versions from Sun. Therefore, if you have the latest Sun Java version installed, then you should consider removing all older versions of Sun Java from your system. This can be done via "Add/Remove Programs" in the Microsoft Windows "Control Panel". If you are in doubt about removing older versions of Sun Java then please contact the vendor for assistance.

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA23757 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
E:\Program Files\Java\jre1.5.0_05\bin\java.exe 
Sun Java JRE 1.5.x / 5.x 5.0.80.3 
This installation of Sun Java JRE 1.5.x / 5.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 5.0.80.3, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 5.0.100.1.

Update Instructions:
Update to 5.0 Update 10 or later.
http://www.java.com/en/download/manual.jsp

NOTE. Older versions of Sun Java are not removed from your system when downloading and installing new versions from Sun. Therefore, if you have the latest Sun Java version installed, then you should consider removing all older versions of Sun Java from your system. This can be done via "Add/Remove Programs" in the Microsoft Windows "Control Panel". If you are in doubt about removing older versions of Sun Java then please contact the vendor for assistance.

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA23757 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
E:\Program Files\Java\jre1.5.0_08\bin\java.exe 
Sun Java JRE 1.5.x / 5.x 5.0.110.3 

Sun Java JRE 1.5.x / 5.x 5.0.110.3 

Sun Java JRE 1.5.x / 5.x 5.0.60.5 
This installation of Sun Java JRE 1.5.x / 5.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 5.0.60.5, however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 5.0.100.1.

Update Instructions:
Update to 5.0 Update 10 or later.
http://www.java.com/en/download/manual.jsp

NOTE. Older versions of Sun Java are not removed from your system when downloading and installing new versions from Sun. Therefore, if you have the latest Sun Java version installed, then you should consider removing all older versions of Sun Java from your system. This can be done via "Add/Remove Programs" in the Microsoft Windows "Control Panel". If you are in doubt about removing older versions of Sun Java then please contact the vendor for assistance.

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA23757 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
E:\Program Files\Java\jre1.5.0_06\bin\java.exe 
Sun Java JRE 1.5.x / 5.x 5.0.110.3 

Sun Java JRE 1.5.x / 5.x 5.0.100.3 

WinZip 10.x 10. (6667) 
This installation of WinZip 10.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 10. (6667), however, the latest secure version released by the vendor, fixing one or more vulnerabilities, is 10.0.7245.0.

Update Instructions:
Update to version 10.0 Build 7245.
http://www.winzip.com/

Vulnerabilities Fixed:
Read about the vulnerabilities fixed with this update in Secunia advisory SA22891 (opens in a new window). The Secunia advisory describes the vulnerabilities fixed by the latest security update. If your installation is outdated with more than one version, then more vulnerabilities may be covered.


Installed on Your System in:
E:\Program Files\WinZip\WINZIP32.EXE 
ZoneAlarm 6.x 6.5.737.000
________________________________________
I think I should just kill myself.


----------



## Ariesjill (May 16, 2006)

Update:

1) the above looks massive cause it covers both drives. Vulnerabilities only half wut they appear

2) For slme reason---I am on auto update re hotfixes---this thing caught two I really needed and did not get. this was good.

3) I did update some of the utilities as suggested, i.e. Adobe & couple of players. Couple of others, I refuse 2 believe put me in harm's way....cause I got they R about commercial crap/blundled stuff....not more secure versions of this or that.

End of report. I am now less "vulnerable," but wasn't AS.....as the thing suggested. Hah.

But not sorry I did this and others may wish to check it out.


----------

