Author Topic: Avast interrupted download of Panda ActiveX & KB917344 missing issue  (Read 15353 times)

0 Members and 1 Guest are viewing this topic.

Port_H

  • Guest
Re: Avast interrupted download of Panda ActiveX !
« Reply #15 on: October 16, 2007, 02:34:42 AM »
Yes, now i have a new problem. Sometimes it seems one problem never comes alone. If you can't help me in this thread, please suggest me other site or forum where i can seek for help.
Trend Micro Housecall detected the following vulnerability in my system - See the image attached to this post.


The link More information about this vulnerability and its elimination points to the Microsoft Security Bulletin MS06-023, published in June 13, 2006. It describes the Microsoft security update 'Vulnerability in Microsoft JScript Could Allow Remote Code Execution (917344)'. Under Affected components, the one that corresponds to my OS is 'Microsoft JScript 5.6 on Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2'. In Windows Control Panel>Add and remove programs, i searched through all of my Windows updates installed and didn't found KB917344. I also went to Microsoft Update Website and it doesn't detect any priority update missing in my system. I don't know if i should install this update, alone or with 'Cumulative Security Update for Internet Explorer (916281)' -see Caveats in Microsoft Security Bulletin MS06-023. Question is, since these updates were published on June 2006, how do i know if i have a more recent Windows update which replace these, and are they really necessary? Will they conflict with an already installed update? Why aren't they detected as priority updates to download in the Microsoft Update website?
« Last Edit: October 16, 2007, 02:43:10 AM by Port_H »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Avast interrupted download of Panda ActiveX !
« Reply #16 on: October 16, 2007, 03:38:58 AM »
I would suggest you check out the Microsoft KB

Well you can download Belarc Advisor (http://www.belarc.com/), download, install and run that it will tell you what security updates you have and also list those you don't have. Check and ensure you have the update.

Now the problem you are probably wondering about is the word Cumulative or at least I am as I would have thought later Cumulative updates should also have covered this but possibly not. So I would tend to suggest you do the cumulative update for IE (916281), if you haven't already kept your OS up to date belarc may advise you of other missing updates and you may have to reinstall the latest October "MS07-057  Cumulative Security Update for Internet Explorer (939653)"

Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Port_H

  • Guest
Re: Avast interrupted download of Panda ActiveX !
« Reply #17 on: October 16, 2007, 09:21:22 PM »
OK. I downloaded and installed Belarc Advisor. It seems to be a useful application. Two things on its report caught my attention:

The first:

Missing Microsoft Security Hotfixes
KB939653-IE7 - Critical  (details...) These required security hotfixes (using the 10/09/2007 Microsoft Security Bulletin Summary) were not found installed. Note: CIS benchmarks require that Critical and Important severity security hotfixes must be installed.

The second:

Installed Microsoft Hotfixes
...
X       KB917344  on 06-08-2007  (details...) Reinstall!


About the first, i followed the link (details...). It points to a Microsoft page titled MS07-057: Cumulative security update for Internet Explorer. There, are followed the first link View products that this article applies to. I saw this:

APPLIES TO
• Microsoft Internet Explorer 6.0 Service Pack 1
• Microsoft Internet Explorer 6.0 Service Pack 1
• Microsoft Internet Explorer 6.0 Service Pack 1
• Microsoft Internet Explorer 6.0
• Microsoft Internet Explorer 6.0
• Microsoft Internet Explorer 6.0
• Microsoft Internet Explorer 6.0
• Microsoft Internet Explorer 6.0
• Microsoft Internet Explorer 6.0
• Microsoft Internet Explorer 6.0

Strange, isn't it ? And IE7 -the browser i'm using- does not appear in the list. Do you think i should install this ?
 
About the second, i followed the link (details...). It points to a Microsoft page titled MS06-023: Vulnerability in Microsoft JScript could allow remote code execution. There, the link to be followed by Home users -http://www.microsoft.com/athome/security/update/bulletins/200606.mspx- directed me to a useless page: they tell that to get the update, i should go to Windows Update, or to Microsoft Update, which is useless, as a explained before. So, i followed the link for IT professionals (which i'm not) -http://www.microsoft.com/technet/security/bulletin/ms06-023.mspx- and saw a familiar page. There, under Affected components, clicked the link corresponding to my OS -Download the update. First, under Quick Details, changed language to Portuguese, then if i click on the link to Download files below, i have to choose from a list of files to download: see the attached file. Since i use the portuguese version of Windoxs XP Home, i guess i should download one of this two: WindowsXP-KB917344-x86-PTB.exe or WindowsXP-KB917344-x86-PTG.exe. Which one, i'm not sure. Perhaps the PTG ? (yeah, this sounds like a DUMMY/DUMB question)

Any advices on both of the two Hotfixes i mentioned -the first and the second ?
I took approx. 3 hours writing this post...  :(



 
« Last Edit: October 16, 2007, 09:38:22 PM by Port_H »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Avast interrupted download of Panda ActiveX !
« Reply #18 on: October 16, 2007, 10:29:01 PM »
If you are only being notified of two updates by belarc, your system is reasonably up to date so you may be better just visiting the windowsupdate site and let it determine what updates you require.

Since housecall and belarc both see the JS vulnerability and the more recent one MS07-057 was only released recently so might not have been included in the housecall check.

I'm probably more in the dark on PTB or PTG but I would have thought PTG
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Port_H

  • Guest
Re: Avast interrupted download of Panda ActiveX !
« Reply #19 on: October 17, 2007, 12:59:40 AM »
If you are only being notified of two updates by belarc, your system is reasonably up to date so you may be better just visiting the windowsupdate site and let it determine what updates you require.

I also went to Microsoft Update Website and it doesn't detect any priority update missing in my system.(...)Why aren't they detected as priority updates to download in the Microsoft Update website?

This hasn't changed. I just went to Microsoft Update site, and the only new priority update it detected was a new Definition Update for Windows Defender. I also checked the Optional (non priority) updates available, but none of them matches the ones detected by Belarc Advisor/Housecall.
My system may be "reasonably up to date", but it also may be "reasonably at risk" if it is missing "only" two critical and important updates...What do you think ?
« Last Edit: October 17, 2007, 01:35:30 AM by Port_H »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Avast interrupted download of Panda ActiveX !
« Reply #20 on: October 17, 2007, 02:04:12 AM »
I would have thought it better to go to windows update as that concentrates only on windows OS and related updates rather than microsoft update which also includes all other MS products.

Though that would/should include OS and related updates.

I simply don't know enough to offer any cast iron advice I don't know your OS as many of the updates are also OS dependant.

This however, does say IE7 is effected in both XP and Vista with IE7, http://www.microsoft.com/technet/security/bulletin/ms07-057.mspx.

The javascript one http://www.microsoft.com/technet/security/bulletin/ms06-023.mspx

I feel even if it is from 2006 it should be downloaded and you will have to check if it is PTB or PTG and I suspect the latter. Since this one is also a cumulative IE seurity update you should install this one first as it is an older update and there would also appear to be another one you need to check with belarc if it has been installed, see below

Quote
Caveats: Microsoft is releasing this update as a companion to the update included with  Microsoft Security Bulletin MS06-021: Cumulative Security Update for Internet Explorer (916281). We recommend that you install this update at the same time as that update as a security update in that bulletin could expose this vulnerability or cause application compatibility issues.

This is the problem with the manual checking for updates as you often up in a circular route, which is very difficult to decipher. When you then add the the fact that you are also looking at the Portuguese version there are further complications as the security bulletins are based on the English versions as far as I'm aware. As I said previously I simply don't know enough about this.

I'm sorry if this isn't too helpful.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Avast interrupted download of Panda ActiveX !
« Reply #21 on: October 17, 2007, 02:23:26 AM »
i guess i should download one of this two: WindowsXP-KB917344-x86-PTB.exe or WindowsXP-KB917344-x86-PTG.exe. Which one, i'm not sure. Perhaps the PTG ? (yeah, this sounds like a DUMMY/DUMB question)
PTB is Portuguese-Brazilian. PTG is Portuguese (Portugal).
The best things in life are free.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Avast interrupted download of Panda ActiveX !
« Reply #22 on: October 17, 2007, 02:38:43 AM »
I've tested Belarc now and seems a false positive.
For me, the KB937143-IE7 is missed... but Windows Update says nothing.
You should believe more on Windows Update than Belarc.
The best things in life are free.

Port_H

  • Guest
Re: Avast interrupted download of Panda ActiveX !
« Reply #23 on: October 17, 2007, 09:04:15 PM »
I would have thought it better to go to windows update as that concentrates only on windows OS and related updates rather than microsoft update which also includes all other MS products.

Though that would/should include OS and related updates.

As i upgraded from Windows Update to Microsoft Update, even if i try to go to Windows Update site, my browser automatically redirects me to the Microsoft Update site. Unless, if i try to downgrade my system configuration to revert back to Windows Update. But i thought that all the updates from the Windows Update site were also available at Microsoft Update site. Isn't this true?

I simply don't know enough to offer any cast iron advice I don't know your OS as many of the updates are also OS dependant.

I already told in Reply#17 that i'm using the the portuguese version of Windows XP Home Edition. I haven't specified tough that it is Service Pack 2 (build 2600).

The javascript one http://www.microsoft.com/technet/security/bulletin/ms06-023.mspx

I feel even if it is from 2006 it should be downloaded and you will have to check if it is PTB or PTG and I suspect the latter. Since this one is also a cumulative IE seurity update you should install this one first as it is an older update...

Where did you read that 'Vulnerability in Microsoft JScript Could Allow Remote Code Execution (917344)' is also a cumulative IE security update ? I didn't find that information in Microsoft Security Bulletin MS06-023. Internet Explorer doesn't appear either under Affected components.

...and there would also appear to be another one you need to check with belarc if it has been installed, see below

Quote
Caveats: Microsoft is releasing this update as a companion to the update included with  Microsoft Security Bulletin MS06-021: Cumulative Security Update for Internet Explorer (916281). We recommend that you install this update at the same time as that update as a security update in that bulletin could expose this vulnerability or cause application compatibility issues.
About this one, i don't have it installed, but nor Belarc Advisor nor Housecall reported it as a missing update. In the Microsoft Security Bulletin MS06-021, under Affected Components, i see IE 5.01 SP4 and several versions of IE6, but find no IE7. Perhaps this update isn't for IE7 ?

When you then add the the fact that you are also looking at the Portuguese version there are further complications as the security bulletins are based on the English versions as far as I'm aware.
I think that the language issue adds no further complications. I searched and found the security bulletins for the same updates, but written in portuguese. Furthermore, in the download page of the security updates, under Quick Details, if you change the language to Portuguese and click the 'Change' button, the portuguese page for that download is shown, and the file ...-ENU.exe shifts to ...-PTG.exe (e.g. 'IE7-WindowsXP-KB939653-x86-ENU.exe' shifts to 'IE7-WindowsXP-KB939653-x86-PTG.exe').

PTB is Portuguese-Brazilian. PTG is Portuguese (Portugal).

Yeah, i also confirmed that.

I've tested Belarc now and seems a false positive.
For me, the KB937143-IE7 is missed... but Windows Update says nothing.
You should believe more on Windows Update than Belarc.

Hey, I have that specific update, the one that Belarc reports as missing in your System. I've downloaded and installed it on August, 15 2007 via automatic updates. If you have IE7 installed, i couldn't think of a reason why you don't have it and i have it. Please go to Your Windows Control Panel>Add or Remove programs. Verify the check box 'Mostrar atualizações' (or 'Show updates'?) in the top of the window. Then scroll down until you see 'Windows Internet Explorer 7 - Atualizações de Software' (or 'Windows Internet Explorer 7 - Software Updates'?), and under that, check the updates installed, and confirm whether you have it or not.
I'm not sure if i should trust Windows Update. Is it to be considered foolproof ? Both Trend Micro Housecall and Belarc Advisor reported KB917344 as a missing update/vulnerability, not just Belarc.

P.S. This time, i took more than 5 hours to write this post! This must come to an end! :(
« Last Edit: October 17, 2007, 09:31:44 PM by Port_H »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Avast interrupted download of Panda ActiveX !
« Reply #24 on: October 17, 2007, 09:24:52 PM »
The Javascript vulnerability and the IE cumulative security update are related only in the caveat in 06-023 javascript vulnerability, that I quoted it states that it is recommended that you also install 06-021 update IE cumulative security.

Which is what I was saying about going round in circles when checking other links within these security bulletins, it makes it very complex.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Port_H

  • Guest
Re: Avast interrupted download of Panda ActiveX !
« Reply #25 on: October 17, 2007, 10:32:19 PM »
Yes, i agree that following links in the security bulletins which point to other related missing updates makes it very complex. I do not intend to install 916281 (Bulletin MS06-021), although i don't find it amongst my installed updates. First, that cumulative update wasn't reported as a required missing update nor by Belarc Advisor, nor by Housecall. Second, in the Microsoft Security Bulletin MS06-021, under Affected Components, i see IE 5.01 SP4 and several versions of IE6, but find no IE7. How do i know if IE7 itself or any IE7 cumulative update coming later (including KB939653 which failed verification by Belarc) replaced the need for the 916281 ? Do you get my point ?

Hey! I just found that, although Belarc Advisor failed verification of KB939653, this update is listed in my 'Add or Remove programs' under 'Windows Internet Explorer 7 - Software Updates' ! I'll remove it and reinstall it again, and see if Belarc detects it.

Port_H

  • Guest
Re: Avast interrupted download of Panda ActiveX !
« Reply #26 on: October 18, 2007, 12:51:47 PM »
I just uninstalled and reinstalled KB939653, and Belarc Advisor still fails verification of that update, so it's most probably a false positive.

Now, about KB917344, which both Trend Micro Housecall and Belarc Advisor reported as a missing update/vulnerability, i ckecked all my installed Windows Updates and Internet Explorer Updates listed in 'Add or Remove Programs' and verified that i don't have it. Could any of you who have Windows XP SP2 Home Edition and Internet Explorer 7 check in your system if it is listed under 'Add or Remove Programs', please ?

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Avast interrupted download of Panda ActiveX !
« Reply #27 on: October 18, 2007, 01:15:50 PM »
P.S. This time, i took more than 5 hours to write this post! This must come to an end! :(
Why are you taking so long to post?

I just uninstalled and reinstalled KB939653, and Belarc Advisor still fails verification of that update, so it's most probably a false positive.
Most probably...
The best things in life are free.

Port_H

  • Guest
Re: Avast interrupted download of Panda ActiveX !
« Reply #28 on: October 18, 2007, 06:06:49 PM »
Why are you taking so long to post?

That's because i have some difficulty in expressing exactly what i want to say, especially in English. Also i'm still learning how to use the SMF Bulletin Board Code, attach images to my posts, etc. Also, i had to look for the right webpages with the right links which i wanted to copy/past here.

Now, about KB917344, which both Trend Micro Housecall and Belarc Advisor reported as a missing update/vulnerability, i ckecked all my installed Windows Updates and Internet Explorer Updates listed in 'Add or Remove Programs' and verified that i don't have it. Could any of you who have Windows XP SP2 Home Edition and Internet Explorer 7 check in your system if it is listed under 'Add or Remove Programs', please ?

I'm still waiting for your answer, guys.

I've tested Belarc now and seems a false positive.
For me, the KB937143-IE7 is missed... but Windows Update says nothing.
You should believe more on Windows Update than Belarc.

Hey, I have that specific update, the one that Belarc reports as missing in your System. I've downloaded and installed it on August, 15 2007 via automatic updates. If you have IE7 installed, i couldn't think of a reason why you don't have it and i have it. Please go to Your Windows Control Panel>Add or Remove programs. Verify the check box 'Mostrar atualizações' (or 'Show updates'?) in the top of the window. Then scroll down until you see 'Windows Internet Explorer 7 - Atualizações de Software' (or 'Windows Internet Explorer 7 - Software Updates'?), and under that, check the updates installed, and confirm whether you have it or not.

So Tech, is KB937143-IE7 truly missing in your system, like Belarc reported (even tough Windows Update says nothing), or rather, you confirmed that you have it, and so Belarc wrongly reported it as missing ? It would be useful to know.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Avast interrupted download of Panda ActiveX !
« Reply #29 on: October 18, 2007, 09:23:53 PM »
That's because i have some difficulty in expressing exactly what i want to say, especially in English. Also i'm still learning how to use the SMF Bulletin Board Code, attach images to my posts, etc. Also, i had to look for the right webpages with the right links which i wanted to copy/past here.
I would say you're pretty good on this. You're learning fast. Your posts are in pretty English and very well formated too. Congratulations.

So Tech, is KB937143-IE7 truly missing in your system, like Belarc reported (even tough Windows Update says nothing), or rather, you confirmed that you have it, and so Belarc wrongly reported it as missing ? It would be useful to know.
I've downloaded it manually. When I try to install, the installer reported that my system doesn't need this update. So, I don't have it, it's not listed into Add/Remove programs, and Belarc is wrongly reporting it in my opinion.
The best things in life are free.