@OLLI_S From what I can see, then detection of Rufus and SumatraPDf is working as expected. As you know, part of our detection relies on the original filenames, so when an app or user renames EXE files, it easily (and intentionally) bypasses our detection.
Posts made by Tom
-
RE: [Solved] Left Overs in WSCC
-
RE: Cygwin Filezilla detected as Widnows Filezilla
Is FileZilla a standard sub application of Cygwin?
Perhaps we should bundle it?
-
RE: Microsoft 365 Apps - No Longer Bundled
@OLLI_S We actually stopped bundling it a long time ago. When I look at your results, then I see all the 365 Apps.
There are two reasons we stopped bundling it. One is that Microsoft frequently releases unknown builds to a subset of systems, this breaks some logic that we rely upon. The other is that the Suite system doesn't support packages, so in order to support updating 365 Apps, we had to stop using the Suite bundle.
We may change this eventually, but it's not on the roadmap at the moment.
Btw. if some of your 365 Apps disappear, then it may be because you ran into one of those Unknown builds, please ping me directly, next time you only see some of them, then I can verify whether this is the reason.
-
RE: [Solved] FileZilla - No longer detected (Bug)
@OLLI_S Yes, I can see they changed some properties. It should be fixed now.
Thank you for reporting this.
-
RE: [RELEASE] SecTeer VulnDetect Agent v3.2.0.0 Recommended and v3.3.2.0 Preview - 2024-01-22
Version 3.3.0.0 is a available as a Tech Preview. Please install and run the Tech Preview on a few hosts and report if there are issues.
Please test 3.3.0.0 on a few selected hosts and report if you find issues:
https://vulndetect.com/dl/agents/secteerSetup-3.3.0.0.exe
https://vulndetect.com/dl/agents/secteerSetup-3.3.0.0.msi -
RE: [Solved] Norton Security - Vendor Incorrect
Thank you for letting us know (btw. we base it on the legal owner of the website, not the company name in the EXE, but the legal entity on the website has changed too).
-
RE: [Solved] WingetUI - Installed Version recommended
We've tweaked the detection, do let us know if it has improved.
-
RE: [Solved] Microsoft Edge WebView2 Runtime - Product-Page wrong
We've updated the links for Edge and Edge WebView2, thank you.
Edge WebView2 is a tad special, as there is different editions, some which are intended to be bundled with third party apps and then there is one which is system wide and can be shared by apps that need it.
The system wide one can be updated by simply running the latest installer, which is what we do, when you let VulnDetect update it.
The alternative is to let the built-in (Edge) updater update it.
Since many different applications use WebView2, it often takes time before it is updated (i.e. it often requires a system restart because important files are in use).
-
RE: [Corporate] Why do Ignore Rules expire?
@OLLI_S Good questions.
Most customers who requested this feature, want to periodically review the apps that they Ignored.
They are not deleted, they can simply be extended.
Yes, users do get an email stating that some Ignore rules will expire within X days.
On the Configuration page, there is a tab with Ignore rules, simply highlight X number of rules and click the Renew button, and they should be extended with another 90 days.
No, they all expire after 90 days by default.
Again, feedback is welcome on this feature, after you have used for a while. We are not certain that it is ideal, so we are open for suggestions once it has been used in "real life" for a while, -
RE: Filter by Status
@OLLI_S Thank you for the suggestion, it will be reviewed.
-
RE: Enhance Group Management
@OLLI_S Thank you for the suggestion, we will consider it, next time we review UI features.
-
RE: [Solved] Skype for desktop 8.107.0.215 not considered as latest
Hi Greg,
Indeed, on the 10th November 8.108.0.205 was the default version available for download, since it appears it has been reverted.
Thank you for letting us know, we will let 8.107.0.215 remain recommended for a bit longer. -
RE: New users, approvals and scammers
A quick follow up on this.
Yesterday, we conducted "The Purge", it involved deleting thousands of accounts, sadly we based this on IP addresses extrapolated from obvious SPAM/SCAM accounts. This clearly proved that a few specific countries known for underpaid labour and SPAM factories are central to this.
Thus, we have decided to implement IP based filtering. As crude and prejudiced as it may be, it is simply the easiest way to combat the majority of this frustrating and wasteful flooding.
If you have been impacted by this and have a legitimate interest in the site, please contact us by other means and we will help you restore access to the forum.
-
New users, approvals and scammers
Hi,
Welcome to VulnDetect dot org, the forum for discussing SecTeer VulnDetect and related subjects.
Sadly, we have been flooded with SPAM and SCAM posts from simpleminded individuals, criminals and underpaid off-shore workers.
We have therefore started a crude campaign to delete a vast number of accounts and the posts they attempt to make.
Sadly, it appears that we occasionally delete a legitimate post or user. We apologize for that.
Doing a proper vetting of a single registration and post is simply too time consuming.
We have therefore changed the registration process, so first of all you have to answer a simple question, it appears to stop half of the simpleminded individuals who are tasked with spamming sites such as ours, the rest, that means both legitimate users and scammers with a bit of cognitive abilities has to wait for an admin to reject or accept their profile.
We will attempt to do this daily, but can't promise that it always will be done in a timely fashion.
Most users who should have access to this site either already have a connection to a user in our community or knows an employee who works here. If not, please do spend a few minutes on the forum or on the parent website, to find alternate contact information and send us a request to approve your profile and post.
We apologize for all this, but we want to ensure that this forum has a high degree of relevant posts, without boring scam posts about ED, travel advice, erotic services and similar totally irrelevant and probably fraudulent content.
Thank you for your patience and understanding!
-
RE: Things I would look for in a new vulnerability detection program
@WacoJohn My apologies for this.
Please see this response:
https://vulndetect.org/post/6673 -
RE: vulndetect newcomer
@WacoJohn With regards to the "rejection", then I am deeply sorry if that happened. We have received an excessive amount of SCAM posts recently, so our purge might have been a tad excessive.
We did change the way we approve profiles instead, as we have thousands of "ghost" profiles.
To anyone else who gets rejected or "not-approved", please do not hesitate to contact us by other means, and we'll try to find you in the pile of fake profiles and SCAM posts and approve it.
-
RE: vulndetect newcomer
@WacoJohn Welcome to VulnDetect.
The Personal edition of VulnDetect only supports one Agent (installation / PC) per account (email).
I think this may be the reason for the confusion.
If you want to control 3 PC's, then I can give you a "Corporate" account, however, it is intended for a larger number of PC's than 3, so it may also not fit super well.
Our goal is to merge the Personal UI and the Corporate UI, so we get a more user friendly edition of the Corporate. However, I don't have any ETA on that project.
-
RE: [Solved] AnyDesk - Detected Version Incorrect
@OLLI_S It should be fixed upon next inspection, it is due to the way we show the version, when we don't have a "specific" version rule. We always add rules a few times a day, so this period should be brief in most cases.
-
RE: [Solved] Bundle "ColorCop" with "Screenshot Captor"
@OLLI_S And you got it today, so fast it can be...
I vaguely remember looking it ages ago, but I can't recall why I didn't complete it.
Anyway, it should be done, thank you for your patience
-
RE: Recuva Portable - Recommended Version not Available
@OLLI_S I will have to look deeper at this and find out with customers how prevalent this is and if it offers general value.
My initial point of view is that it often will be a duplication of these 450 or so apps that they support. And the issue is that I don't know if the issue we see with Speccy affects 1% or 99% of them. And for each that uses a different version, we would have to correlate the potentially unknown and unrelated version with the changelog from the original vendor.
For some that may be easy, but for Speccy I can't see how we can do it.
What you showed me with Speccy makes it a completely "new" and independent product, will PortableApps display e.g. security information (if that ever becomes relevant)?