COMODO Vulnerability Analyzer Version 1.0.0.9 (BETA) Released [Closed]

[Guest]

[umesh]

Hi,
We are very pleased to offer a new product 'COMODO Vulnerability Analyzer', here is the brief description of the product:

Comodo Vulnerability Analyzer adds a critical layer of security to your PC by making sure that the software you have installed is up to date and does not contain any vulnerabilities.

• Scans your machine for software in which vulnerabilities have been discovered
• Checks that the software installed on your machine is the latest version and notifies you if there are updates available
• Notifies you when one of your applications has reached 'end of life' and is no longer supported by the vendor
• Provides a clear solution to each problem with links to patches, advisories and recommendations
• Updates every day with new advisories to deliver real time security against the latest threats

Following are setup details:

32-bit Setup
--------------
http://download.comodo.com/cva/download/setups/CVA_Setup_1.0.0.9_XP_Vista_32_BETA.exe
Size: 3.12 MB (3,276,560 bytes)
MD5: 7d40b6082d0f8d155f13eff11d01fa2b
SHA1: 92ca8d5173829640d0f914b10ac10b234c0b605b

64-bit Setup
--------------
http://download.comodo.com/cva/download/setups/CVA_Setup_1.0.0.9_XP_Vista_64_BETA.exe
Size: 6.32 MB (6,627,600 bytes)
MD5: f6b5ffac32be7c0cd24bc2bb44a4d4b4
SHA1: c0d9b5bfb2c0579f1567e30a47f57c7915a46264

This BETA release is intended for beta testers who would like to test and give us valuable feedback.

Please use it, it's free for life, do let us know your feedback.
Bugs are most welcome and so the additional features you would like to see added in upcoming releases.

Thanks
-umesh

[Commodus]

Great. Comodo's Secunia Project.  Thank you !

Tested - Working great ! No vulnerabilities found 

[eXPerience]

Great tool, keep up the good work guys 

Xan

[JamesFrance]

I have the Secunia psi installed also.

This Vulnerability scanner says that I have the following vulnerable programs:

Adobe reader 8.1.2

Java runtime 1.6.0.5

Internet Explorer 6.0.2900.2180

Internet Explorer 7.00.5730.11(061017-1135)

Also the same Java version again.

Secunia says I have no unpatched programs installed.

[Ragwing]

Bugs so far:

• Crashed itself and Firefox
• When clicking Product URL or Update Information I get this error message:
  
  

Running Windows XP 32-bit SP 2 on an AMD Athlon XP Thorton 2400+.

Else, it seems like a promising product!

Cheers,
Ragwing

[LeoniAquila]

Adobe reader 8.1.2

This is the latest, so that should be a false positive...

Java runtime 1.6.0.5

...and this is not the latest, now there is 1.6.0.6

(I'm an update freak )

LA

[coltrane]

Excellent!

I also use Secunia PSI, and this tool seems to complement Secunia's perfectly. CVA is warning me about Java 1.6.0.5 (I will update to .6) Google Toolbar and Adobe Reader. None of them warned by PSI.

BTW, when I click Java vulnerability it shows 14 different warnings, first 03 october 2007 . Is that history information of the Java runtime? Because I think 1.6.0.5 is newer than that.

I would like to have a list of all the programs analyzed, not only the vulnerable ones. Now I can't see the option to check all the program CVA has checked.

And what about the updates? Will the database of the vulnerabilities be updated automatically or only the CVA updates when updates option is selected in Settings tab?

So far, just one crash when trying to update manually.

Thanks for this great product!

P.D. Have you seen todays Secunia advisory about CFP 2.4?

[Coolio10]

Excellent!

I also use Secunia PSI, and this tool seems to complement Secunia's perfectly. CVA is warning me about Java 1.6.0.5 (I will update to .6) Google Toolbar and Adobe Reader. None of them warned by PSI.

BTW, when I click Java vulnerability it shows 14 different warnings, first 03 october 2007 . Is that history information of the Java runtime? Because I think 1.6.0.5 is newer than that.

I would like to have a list of all the programs analyzed, not only the vulnerable ones. Now I can't see the option to check all the program CVA has checked.

And what about the updates? Will the database of the vulnerabilities be updated automatically or only the CVA updates when updates option is selected in Settings tab?

So far, just one crash when trying to update manually.

Thanks for this great product!

P.D. Have you seen todays Secunia advisory about CFP 2.4?

2.4 is no longer supported

[coltrane]

Sort of... vulnerability only for Linux version...  (Reader 8.1.2)

[Blas]

I think you confuse "unpatched" with "vulnerable".

[Melih]

thank you for your feedback so far everyone..
pls keep them coming to make this best possible!!!

thank you

melih

[Soyabeaner]

There does appear to be false positives:
It states I have a vulnerable IE 6 (no need for funny remarks here ) and links to http://www.microsoft.com/technet/security/bulletin/ms07-069.mspx for the solution, but I already have KB942615 installed.

uTorrent 1.7.7 has an update?  Excluding the 1.8 beta, this is untrue as the one I have is the last final version already.

MS PowerPoint 2003 is indeed vulnerable (I already knew that), but the url solution references the download site for -- MS PowerPoint 2003, which isn't a solution by itself, but I guess it is the only official site with info from MS.

I wonder why there are 2 instances of my Windows Media Player 10 (one in C:\Program Files\Windows Media Player and the other in C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}).

There's no close button for the info screen, just the X at the top-right corner.

Other than those to comment, I like this tool.  It literally took 3 seconds to scan my computer .

[JamesFrance]

I have only just found the vulnerability details, as the bottom section needed scrolling to show that.

It was rather confusing because of that, but now all is revealed.

[LeoniAquila]

Now I've also tried this nice little tool.

Here's a complete list of all my programs (on Windows XP SP3):

7-Zip
Adobe Reader Lite
Bryce
CCleaner
CFP
DC++
Diino
GIMP
InfraRecorder
Internet Explorer
JkDefrag
Media Player Classic
Mozilla Firefox
NT Registry Optimizer
OpenOffice.org
PDF Split and Merge
PDFCreator
RegSeeker

+ Java Runtime Environment and many codecs.

Everything is the very latest version (not referring to CVA here, but my own control of the system), except for Internet Explorer which is version 6. The result of the scan was the same FP as JamesFrance received: Adobe Reader. Other than that, no warnings, not even for IE 6.

LA

[panic]

G'day,

Neat tool - no crashes so far.

I'd like to see the vulnerability rating shown on the main screen. Admittedly this means it would have to do a look at up the time of detection, but the user is then presented with all the pertinent info he needs to determine his next action, all in one place (i.e. what is wrong and how wrong it is).

[Tags:]