Spyware Warrior

[SEAN M87]

my kaspersky internet security has detected some vulnerabilities they are as follows-


c:/programfiles/adobe/reader/8.0/reader/plug_ins/annots.api

and

c:/windows/system32/java.exe

there criticality is very dangerous. can anyone please give me any advise on improving the security on these.
thanks.

[Osage]

To Sean M87,

If you had heeded the question wyrmrider asked---have you ever run secunia software inspector?

You probably would have gotten the same answer. That software is outdated, rather powerful, and it has now known security holes in it. As a result, the respective vendors, adobe, and java have already updated their software to patch those security holes, which fixes nothing if you keep running the old vulnerable versions
on your computer.

In my case, I have chucked adobe entirely, and now run the foxit adobe reader instead. Because I got tired of downloading ever newer but huge adobe versions every month or so.

Another similar chronic problem is java which is needed by most, and the latest version is 1.6.0.7. And installing the newest version does not uninstall the older versions. And that should be done in add remove programs just before you install the new version.

And if you just google secunia, you will probably discover more vulnerable software on your computer.

[SEAN M87]

what do you recommend i do?
could you possibly provide any links to get the new versions (if recommended). ive only had my own comp for about 8 months (internet only 3 months). although i did know a bit before i got it im still fairly new (especially to vista) so forgive me if i am sometimes sounding basic.

oh and i havent tried that security software mentioned. even if it is better that kaspersky. im happy for now.
thanks.

[Tarq57]

The Secunia software inspector is not intended as a replacement for a security application. It is a checker for out of date/vulnerable software installed on a computer. This includes Windows updates, Java, and a large range of other applications which are usually installed on top of a windows installation. There are two versions, and online scanner, http://secunia.com/vulnerability_scanning/online/ and on the same page, a downloadable version called PSI, which runs on the PC all the time, monitoring software.
It will alert you to what is out of date, and how to update it.
Recommended.
It is absolutely NOT intended this be used instead of an AV/firewall etc; it is a totally different function.
As stated above, remove old versions of Java before getting a new one. If you Google "verify java" and go to the first search result you will see how out of date your Java is.
I use JavaRa, a very nice program available here http://raproducts.org/ to keep mine up to date. This has the added benefit of thoroughly removing your earlier version/s.
Why on Earth the Java folk can't/don't automatically uninstall their old versions is beyond me. Just for a bit of research, "Google" around for some HJT logs, you will see that a very large percentage of those submitting these logs for help have out of date software installed, especially Java.

[SEAN M87]

ok just to be on the safe side can i get the latest java first then uninstall the old one. or would i have to uninstall first.
also i have one file on my programs and features called java se runtime environment 6. is that the old main file i need to delete?

[Tarq57]

I'd just get JavaRa and let it do it for you.
Can get needlessly complicated, otherwise. There are so many different Java applications.

[SEAN M87]

ok under javaRa do i download-
windows binary (zip file)
or
secure code (written in c++)

or something else maybe.
cheers.

[Tarq57]

Easiest to download the binary. Contains the executable, and a text (info/license) file.
Extract (unzip) the .exe to a location of your choice, and run it.
Have a look at the forum page here: http://www.lunarsoft.net/forum/index.php?showtopic=2714
Lots of info and help.

[wyrmrider]

HI
Java is not a security program like an anti-virus or firewall
so removing all the old versions with javara before installing the new version does not leave you vulnerable during the changeover
leaving the old versions installed DOES leave you vulnerable

keep posting and we will get you protected
an ounce of prevention...

some more background
Microsoft has some security advisers but these are aimed mostly at network administrators and do not cover the third party apps

[SEAN M87]

yeah but do i search for updates.
using jucheck.exe
or
using sun javas website.

[Tarq57]

Use either. However, if you remove the old versions first, the jucheck won't work (of course - it ain't there.)
With Javara you can use the internal java updater (jucheck.exe) install the new, then use Javara to safely and comprehnsively remove the old.
Therein lies a lot of its' usefulness. Manually removing the old files tends to be time consuming, and unless you know where to look, easy to miss one.
If you uninstall it then go to the Java site to install a new version, the sheer number of different downloads available - some running to several Mb - can be overwhelming.
So.
Just use the jucheck, install the new, then remove all old versions.
Let us know how you go.

[SEAN M87]

sorry for late reply. just finished work at half 8.
thanks for your time and i have one final question about java if i may.
there is now a new file on my programs and features called java 6 update 7 (must be new one). but ive ran the remove old versions on javara, it removed an old file.
but on my programs and features there is still a file called java se runtime environment 6 do i uninstall that or leave it.
thanks.

[Tarq57]

Leave it. One will be in the program files, the other in windows/system 32.
Provided you're up to date and javara has removed the old versions, you should be good.
Now of course, you can check it with the secunia inspector.
You may be surprised at what it finds.

[SEAN M87]

shall i use the online scanner or the download option.
also could you post a direct link. (or shall i use the link provided in one of the previous posts.)

[Tarq57]

Use whichever you prefer. I'd try the online scan first - it will ask to install a plugin and to gather information from your system, if you see the value/like it consider installing the PSI. The link is posted above, the download for PSI is on that page, also.

[SEAN M87]

it has picked up on the new version but there is a box above it with an old version there. but im thinking that the scan was not finished before it noticed the newer one. as there i a box at the bottom with a green tick and confirming that java is up to date, (should i ignore the one above it)

also my adobe is out of date should i use the link provided, to update it to version 9.

also thanks for sticking to my post this long, i appriciate it.

[Tarq57]

Not sure what you've done, so far. Did you run JavaRa, and have it remove the old version/s yet? And did you use the online Secunia inspector, or install the PSI?
Generally, if one of the Java versions is lsted as out of date you remove it. This can be done with JavaRa (recommended) or manually, by locating the particular file described and deleting it. Don't ignore it, just because there is another up to date version installed.

Adobe out of date? I seem to recall recently reading about a significant patch/update released by Adobe for this. I also seem to recall some users had problems updating.
I use Foxit reader for PDF's (also recommended) so I don't really know about it, sorry. Looking around the web, the current version of Adobe reader is 9. Its a ~34Mb download!
Some more info here. http://secunia.com/advisories/30832/
No problem with helping at all, worthwhile getting this sorted. Being up to date is one of the best protections you can have. (Apart from firewalls etc.)

[Tarq57]

PS, Adobe makes lots of stuff, so it may not be the Adobe Reader that is being flagged as out of date. It could well be the flash player, or something else.
Let me know which it is.
Off to work now, won't be responding for a few hours.
Others may well respond, though.

[SEAN M87]

should i remove the old version of java on my programs and features, which javaRa did not remove. maybe that would totally remove all old files and would not show up on secunia software inspector.

[SEAN M87]

ok just got the latest version of adobe 9 from secunia.
going out myself. see you later.

[Tarq57]

[SEAN M87]

sorry for late reply again.
it's fine. it said on secunia, that i might have to remove an old version on my programs and features. i did, then i ran the scan again and everything was fine.
you were right, there was two flash player security problems. aswell as the main adobe (yeah its 33mb or something). anyway they are all up to date and i thank you.

[Tarq57]

Superb. Glad to have helped. If you like the way the Secunia scan works, you might like to consider installing the PSI.
Pluses: -It will alert you pretty much as soon as a vulnerability in any of your software is reported/patch-able.
- It has a greater database of covered software than the online version.
- It offers a fairly straightforward "follow these steps" procedure for patching and updating.
Minuses: - It gets a little busy when the computer is first started, checking in with the homesite. This only lasts a minute or so, though.