SecTeer VulnDetect & PatchPro Support Forum VulnDetect
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Download VulnDetect Installer
    • Login

    [Work in progress] Hide bundled applications

    Scheduled Pinned Locked Moved Feature and Functionality Requests
    app-detection
    14 Posts 3 Posters 4.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      Tom VulnDetect Team Member
      last edited by

      We will not hide them completely, but they will be reported more subtle and in a way where only experts would want to spend that extra click or two to get the details.

      While this is work in progress, then it is not something you should expect very soon.

      /Tom
      Download the latest SecTeer VulnDetect agent here:
      https://vulndetect.com/dl/secteerSetup.exe

      1 Reply Last reply Reply Quote 0
      • T Offline
        Tom VulnDetect Team Member
        last edited by

        Finally, we are getting ready to launch this new feature. We have run the first tests in the test environment and are ready to update the backend either tomorrow or Monday.

        The first iteration will hide (disregard) the bundled apps.

        However, we expect to make an update for the UI very soon, that will allow you to view the hidden bundled applications.

        Please, do start to report bundled applications, in most cases, all we need is a copy of the path of e.g. Java, Flash, curl or whatever program that is part of another parent installation.

        /Tom
        Download the latest SecTeer VulnDetect agent here:
        https://vulndetect.com/dl/secteerSetup.exe

        1 Reply Last reply Reply Quote 0
        • T Offline
          Tom VulnDetect Team Member
          last edited by

          The UI has been updated two days ago, to support bundled applications. This means that most bundled applications can be viewed in the UI.

          Any feedback on bundling is welcome.

          When you see detections of e.g. 7-Zip, curl, Java and so on, that are actually part of other programs, please post it, send it via email or in the chat and we will create both the parent product and create the bundling specification that relates the two pieces of software.

          /Tom
          Download the latest SecTeer VulnDetect agent here:
          https://vulndetect.com/dl/secteerSetup.exe

          A 1 Reply Last reply Reply Quote 0
          • OLLI_SO Offline
            OLLI_S Community Moderator
            last edited by OLLI_S

            Cool, @Tom that VulnDetect now supports Bundled Apps.

            1 Reply Last reply Reply Quote 0
            • A Offline
              Anselm @Tom
              last edited by

              @Tom do you talk about exe or dll? I think you have a lot of programs bundled together e.g. with 7zip.dll or unrar.dll.

              T 1 Reply Last reply Reply Quote 0
              • T Offline
                Tom VulnDetect Team Member @Anselm
                last edited by

                @Anselm Currently, we will limit it to the products that we already detect.

                The detection of libraries / DLLs is not within our current scope. Though we may create a few exceptions, when there is major issues like with "unacev2.dll".

                /Tom
                Download the latest SecTeer VulnDetect agent here:
                https://vulndetect.com/dl/secteerSetup.exe

                A 1 Reply Last reply Reply Quote 0
                • A Offline
                  Anselm @Tom
                  last edited by

                  @Tom ok, but: if you have a vulnerability in the exe file, you also have it in the dll. And often applications bundles the dll and not the exe.

                  T 1 Reply Last reply Reply Quote 0
                  • T Offline
                    Tom VulnDetect Team Member @Anselm
                    last edited by

                    @Anselm
                    That is true.
                    However, it is still the responsibility of the parent program to report this and fix it. You are likely to break many programs if you just replace the DLL.
                    We will keep an eye out for this and add detection for DLLs when we become aware of programs that bundle vulnerable versions and "provide" a vector to exploit it (very often Java and AIR vulnerabilities can't be exploited, because there is no feasible vector, the same is the case for many DLLs).

                    /Tom
                    Download the latest SecTeer VulnDetect agent here:
                    https://vulndetect.com/dl/secteerSetup.exe

                    OLLI_SO 1 Reply Last reply Reply Quote 0
                    • OLLI_SO Offline
                      OLLI_S Community Moderator @Tom
                      last edited by

                      @Tom VulnDetect (Personal) offers bundling and as far as I can see this topic here can be closed.
                      Or is there any specific reason, why you want to leave it opened?

                      T 1 Reply Last reply Reply Quote 0
                      • T Offline
                        Tom VulnDetect Team Member @OLLI_S
                        last edited by

                        @olli_s We can close it, I see you opened something similar for the corporate edition

                        /Tom
                        Download the latest SecTeer VulnDetect agent here:
                        https://vulndetect.com/dl/secteerSetup.exe

                        OLLI_SO 1 Reply Last reply Reply Quote 0
                        • OLLI_SO Offline
                          OLLI_S Community Moderator @Tom
                          last edited by

                          @tom said in [Work in progress] Hide bundled applications:

                          I see you opened something similar for the corporate edition

                          Wich topic to you mean?

                          1 Reply Last reply Reply Quote 0
                          • T Tom referenced this topic on
                          • First post
                            Last post
                          Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

                          Please see our Privacy and Data Processing Policy
                          Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
                          Forum software by NodeBB