# Secunia software inspector & update checker



## dvk01

http://secunia.com/software_inspector/

extremely useful and I strongly recommend bookmarking it & using it at least once a month



> Secunia Software Inspector
> 
> Feature Overview - The Secunia Software Inspector:
> * Detects insecure versions of applications installed
> * Verifies that all Microsoft patches are applied
> * Assists you in updating your system and applications
> * Runs through your browser. No installation or download is required.
> 
> How Does it Work:
> The Secunia Software Inspector relies on carefully crafted "Secunia File Signatures" to recognise
> applications on your system. The detected applications are then matched against our "Secunia
> Advisory Intelligence" to determine whether an application is up-to-date or not. The results are
> then used to advise you on how to update to more secure releases of the insecure applications.
> 
> Microsoft Windows Update is used to determine if your system is missing security updates from
> Microsoft.
> 
> The Secunia Software Inspector covers the most common/popular end user applications:
> * Internet browsers
> * Internet browser plugins
> * Instant messaging clients
> * Email clients
> * Media players
> * Operating systems


----------



## TOGG

Interesting update from Secunia's weekly summary;

"A quick update and some statistics from the Secunia Software Inspector.

Since the launch of the Secunia Software Inspector it has inspected
over 400,000 detected applications, tagging over 35% of the inspected
applications as insecure!

For IE 6.x users, 4.12% were insecure, which is a good sign; most
people probably are aware of using Windows updates to get new IE
versions.

More than one third of Firefox 1.x users (35.47%) were found to be
running vulnerable versions; while Opera users were safer, with only
13.04% running vulnerable versions of Opera 9.x.

For Adobe Flash 9.x users, over 53% were running insecure versions; a
testament to both the popularity of Flash-based web content, and the
lack of awareness on Flash vulnerabilities.

Be sure to check your own system:
http://secunia.com/software_inspector/"


----------



## aarhus2004

Minimum Requirements:
* *Windows 2000, Windows XP, or Windows 2003*
* Sun Java JRE 1.5.0_06
* Internet Explorer 6.x, Opera 9.x, or Firefox 1.5.x
* Latest version of Microsoft Windows Update


----------



## dvk01

aarhus2004 said:


> Minimum Requirements:
> * *Windows 2000, Windows XP, or Windows 2003*
> * Sun Java JRE 1.5.0_06
> * Internet Explorer 6.x, Opera 9.x, or Firefox 1.5.x
> * Latest version of Microsoft Windows Update


In other words only Currently supported Microsoft operating systems

as updates are no longer issued for ME or 98 why check


----------



## aarhus2004

A format and reinstall requires updates which are still available.

A reading of the Secunia post #1 does not make clear that in fact the tool does not apply to Windows 9x. I ran it and got a report showing many entries all to do with missing .exe files - which. since I currently have no issues with my computer, made no sense to me - an average user. So I read more closely the Secunia web site.

Hence I thought my post to be a heads-up for other 9x users. Please delete my posts if deemed necessary.


----------



## dvk01

No need to delete your posts and the warning is a good one
getting off topic 
I don't know how long any 98 or ME updates will remain on the windows site 

I suspect that it won't be very long before they vanish completely 

Microsoft & many other vendors don't want to support 9x in any shape or form and many antiviruses or antitrojans won't work with 9x either 

I know a lot of people still have those op systems but there comes a time when they have to go 

how many model T Fords do you still see in daily use  come to that how many cars from the 19870's are still in roadworthy legal condition, not many in most countries (especially in Europe)


----------



## SaraSG1

Hey, I had a question about Secunia. It said that I had 5 versions of Macromedia Flash player that are unsafe. But, they aren't in the Add/Remove programs list. Secunia said they were located here:

C:\WINDOWS\SYSTEM32\Macromed\Flash\Flash.ocx
C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32.dll
C:\WINDOWS\SYSTEM32\Macromed\Flash\Flash8.ocx
C:\Program Files\Common Files\AOL\Flasha.ocx
C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll

What can I do to get rid of them? I was afraid to just delete them, the windows folder doesn't seem like something I should play with. (Also. How do I have AOL remnants on this computer? I uninstalled that crap minutes after I got my computer home.)


----------



## dvk01

SaraSG1 said:


> Hey, I had a question about Secunia. It said that I had 5 versions of Macromedia Flash player that are unsafe. But, they aren't in the Add/Remove programs list. Secunia said they were located here:
> 
> C:\WINDOWS\SYSTEM32\Macromed\Flash\Flash.ocx
> C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32.dll
> C:\WINDOWS\SYSTEM32\Macromed\Flash\Flash8.ocx
> C:\Program Files\Common Files\AOL\Flasha.ocx
> C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
> 
> What can I do to get rid of them? I was afraid to just delete them, the windows folder doesn't seem like something I should play with. (Also. How do I have AOL remnants on this computer? I uninstalled that crap minutes after I got my computer home.)


just delete them


----------



## hewee

If you have Firefox and want to use flash then I know you need NPSWF32.dll


----------



## THoey

This is a really good tool. Found several items that I need to update. Only problem I had was that it kept finding an old version of Macromedia Flash player. Went out and downloaded the new version, installed it, tested again, and it was still there. Uninstalled it, re-installed it, tested again, and it was still there. Appears the following file just was left over from a previous install:

C:\WINDOWS\SYSTEM32\Macromed\Flash\Flash.ocx

Not sure how that happened as this is a pretty new PC, but just wanted to let someone know in case they have the same issue. The tool even tells you the location of the file causing the problem.


----------



## dotty999

dvk01 said:


> http://secunia.com/software_inspector/
> 
> extremely useful and I strongly recommend bookmarking it & using it at least once a month


I did all the required updates however... it still says the adobe flash player needs updating even though it has successfully been updated there's a problem somewhere or other


----------



## Steroids

agrred it gave me the same error for adobe.. and macromedia... and i did the updates so i just ignored it...


----------



## j-mcallister

same problem here !! maybe its a problem with the website ??


----------



## dvk01

IT is a genuine detection and nothing wrong with the web site & it is telling you that when you update the old versions are left behind


I suggest you uninstall old versions first, delete any left over files & tehn install the new version 

and then complain to macromedia & Adobe for not removing the old versions when they install new ones


----------



## Byteman

They are right on the money for mine...


----------



## clannie

I did the Secunia test and was pleased with the results,however could someone have a look at the last entry which has Java entered twice.Should I uninstall one of them ?Will try to add screenshots to help identify as there is only one entry in add/remove.Thanks.


----------



## TOGG

Have a look at this thread; http://forums.techguy.org/security/525919-java-version-6-now-available.html particularly #17 and my contribution #31.

Sun's numbering system does sometimes confuse and they do appear to have issued two JRE versions quite close together, JRE 5 Update 11 and JRE 6. I am still using '98 so I have the same version as you, 1.05.11 but XP and Vista users should probably have 1.6.

I got mine on 1st February, it was signed by Sun on 15th December 06 and it still appears on some Sun webpages as the 'latest' version! Perhaps investigating the links provided in the thread I referred to above will produce some clarification?


----------



## ozgal

I tried to follow your advice on the Secunia Software Inspector, but it kept saying I've got an old version of Java. So I followed your (later) advice on removing all old java versions and downloading version 6, but it still says I've got an outdated version of Java. When I click to continue on anyway, the INspector fails to run and says "there might be problems loading the java applet in your browser'. Can anyone help?
Thanks


----------



## TOGG

Secunia's Software Inspector doesn't run on '98 so I don't know anything about it. I wonder if the 'problem' could be as simple as the fact that Sun may have 'signed' JRE 6 a few days before 1. 5 Update 11 so, in simple date terms at least, 1.05.11 is 'newer than 6?

Both Java versions are mentioned in the list of applications the Inspector checks, so I don't know why it sees 6 as a problem, unless my signing date theory is correct; http://secunia.com/software_inspector_applications/


----------



## ozgal

Good grief Togg how do you know all this? Don't you think you should get out more? Thanks for your help...I guess I just can't use the inspector on my system. Actually, I've been noticing this on lots of things; websites saying I need to upgrade before I visit their site, or download something, but when I do 'upgrade' to what they suggest, they still have the same message and still won't let me through. Is it possible one of my security settings is blocking their ability to identify my software?
Thanks again
Ozgal


----------



## TOGG

You're right, I should get out more but I'm a serial lurker at various Forums (or should that be Fora?).

The whole issue of Sun Java versions never seems to go away and I have today read a newsletter which suggests that 1.05.11 should be treated as the latest version because 1.06 hasn't been updated yet (which is odd because it was only issued last December).

You may well have a wider issue than just your Java version but I don't have any particular expertise with regard to browsing problems. What OS, browser and firewall do you use?. Posting the exact wording of the error messages you are getting could help one of the smart people here to help you.


----------



## escalader

Hi Togg:

Maybe you should stay in so I can ask more simple ?.

took the advice and went to Secunia Software Inspector site clicked on start and nothing seemed to be happening! Did a task manager and it said application was running.

1) do i need to stay connected for this to run? i think it is a yes, but it's either dead or slow.
2) should I turn off all my security software for this to work?

In the past when doing this I found parasites sneak in during slow.... on line stuff

3) How long should I expect this scan/report to take?


----------



## TOGG

escalader,
There seems to be an ongoing misunderstanding here. I most definitely am NOT expert on the Secunia Inspector program, it doesn't work with '98 so I have never used it.

For what it's worth, I definitely wouldn't disable or reduce my security to run this, or any other, online scanner program.

Have you seen this?; http://secunia.com/software_inspector/ It makes it clear that you have to stay online for it to work and doesn't require anything (such as an ActiveX control) to be installed. If you aren't getting any error messages about the slow progress of the scan, it could be that servers are busy. I assume you do have the Minimum Requirements for it to work?


----------



## escalader

TOGG:

It's OK I just ask questions, sometimes they get answers sometimes not. 

You answered good enough for me!

Every body here operates at their own risk, I'm the same!

Yes, my PC easily meets the criteria, but it just may be that ZA Pro blocks their site


----------



## TOGG

I would expect ZA Pro to be suspicious of being probed by a remote computer, but I would have thought that you would get a notification that the attempt was being made, perhaps with the option to allow it?

I know you can make special rules for ZAP but I've never understood exactly how it's done. I did manage to close certain ports when a particular threat was doing the rounds, but I don't think that would be relevant here. Time to wade through the ZA Help files or check their Forum?


----------



## GlacierRose

I had a problem with the Java not being installed error when I tried to run Secunia Software Inspector in Internet Explorer. I jumped through the hoops to make sure everything was enabled like it was supposed to be and the only site I can see Java in is the Sun website it says I have the most current version and I can see the little guy dancing.

I gave up for a day and went back and tried again with the same result in Internet Explorer, so I opened Firefox and it works in Firefox but I think ZA security suite is skewing my result or something is still amiss it says undefined has the latest security related patches installed.... enclosed is screen shot I'm guessing one of the undefined is the OS heck if I know what the other one is.

WinXP Home sp2
IE7
Firefox 1.5.0.10


----------



## escalader

Leave a AV and ASW on, disable ZA Suite and try again. 

If ZA distorts the results, and you turn it off , one would expect different results.

The inspector will run faster anyway and you already know ZA is up to date so inspector has nothing to report on re ZA.

Please report back so we can learn together!


----------



## GrDoorGuy

A fix to the old Flash version staying in the windows/system32/macromed folder even after you install an updated version is to run the uninstaller located in the previously mentioned directory. You'll notice it removes the majority of the files but leaves a couple behind. It leaves these because even after a system reboot Windows is convinced the ocx files for previous versions are still being used. My personal fix is to delete all the files from this folder except the protected ocx files. At that point just change the security properties of the offending ocx files to deny and install the new version of Flash.


----------



## ljs3509

Thanks!I will try!


----------

