SecTeer VulnDetect & PatchPro Support Forum VulnDetect
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Download VulnDetect Installer
    • Login

    FreeFileSync - Bundling Issue

    Scheduled Pinned Locked Moved Bundling Issues
    bundlingapp-detection
    4 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • OLLI_SO Offline
      OLLI_S Community Moderator
      last edited by

      I have installed FreeFileSync normally (not Portable) and I see the following files:

      1. C:\Program Files\FreeFileSync\FreeFileSync.exe
      2. C:\Program Files\FreeFileSync\Bin\FreeFileSync_Win32.exe
      3. C:\Program Files\FreeFileSync\Bin\FreeFileSync_x64.exe

      File 1. is detected by VulnDetect.
      It is only 464 KB in size and is only a Launcher that starts the correct EXE file (files 2. or 3.) depending on your system.
      So when I start FreeFileSync.exe (launcher) then the FreeFileSync_x64.exe is started as child process:

      FreeFileSync_Process_Tree.png

      So here you should show FreeFileSync (the launcher) as root application and show FreeFileSync (32-Bit) and FreeFileSync (64-Bit) as bundled applications.

      1 Reply Last reply Reply Quote 0
      • T Offline
        Tom VulnDetect Team Member
        last edited by

        The purpose of bundling is not to include all executables or libraries.

        In the case of FreeFileSync it is sufficient to detect the "launcher" as it contains sufficient with information and the vendor seems to have a solid policy of supplying useful and updated version information in both the launcher and the architecture specific executables.

        Bundling is primarily used to "bundle" certain applications (or in some cases libraries) such as 7-Zip, Java, Flash, NodeJS and others, which shouldn't be updated separately, but rather together with the program that bundles these.

        Coincidentally, bundling is also useful in the cases where the original vendor supplies multiple main executables (either with different architectures or due to updates) and these happen to be the best choice for detecting the presence of the program.

        We only display bundled programs, because we know that many power users such as you and @Anselm (I guess) like to know about these and their security state (and so do I 🙂 )

        /Tom
        Download the latest SecTeer VulnDetect agent here:
        https://vulndetect.com/dl/secteerSetup.exe

        1 Reply Last reply Reply Quote 0
        • OLLI_SO Offline
          OLLI_S Community Moderator
          last edited by

          @Tom said in FreeFileSync - Bundling Issue:

          Coincidentally, bundling is also useful in the cases where the original vendor supplies multiple main executables (either with different architectures or due to updates) and these happen to be the best choice for detecting the presence of the program.

          FreeFileSync provides a 32-Bit and a 64-Bit version.
          Same as CCleaner, Speccy and many others (that are already bundled).

          T 1 Reply Last reply Reply Quote 0
          • T Offline
            Tom VulnDetect Team Member @OLLI_S
            last edited by

            @OLLI_S Like I said below, then this is not the same case as the other ones you mentioned.

            /Tom
            Download the latest SecTeer VulnDetect agent here:
            https://vulndetect.com/dl/secteerSetup.exe

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

            Please see our Privacy and Data Processing Policy
            Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
            Forum software by NodeBB