COMODO Vulnerability Analyzer Version 1.0.1.13 (BETA) Released

Hi,
Today we have released updated setups and program updates for CVA.

Following are setup details:

32-bit Setup

http://download.comodo.com/cva/download/setups/CVA_Setup_1.0.1.13_XP_Vista_x32_BETA.exe
Size: 3.22 MB (3,384,080 bytes)
MD5: 7f79811e7dac878cbd84ab94f92f27e4
SHA1: dcedc341ce8b11a823f1f403ceaae069a692d096

64-bit Setup

http://download.comodo.com/cva/download/setups/CVA_Setup_1.0.1.13_XP_Vista_x64_BETA.exe
Size: 6.41 MB (6,724,368 bytes)
MD5: 2984a97cff0b36344a96fa34db6cbbb3
SHA1: 6cbd590d882a5870aab82090b1355cdca08ff660

We have provided two types of updates in CVA today:

  1. Database Updates: You can use version 1.0.0.9 and when you press ‘Start’, it will update local DB and you should see FPs reported in last release fixed. As i mentioned in previous release that whenever you scan, scanner makes sure it’s local DB is up to date and is in sync with server.

  2. Program Updates: Program files updates can be availed using ‘Miscellaneous → Update’ option. It has following changes:

*IMPROVED: Added ‘Close’ button in ‘Vulnerability Information’ dialog.

A general note to testers:
CVA has just started and we can’t be compared in detection count with competitors, we will catch up within short period of time. So this is not something that’s going to be released next week. Once we have detected count at par with competitors, we will make it public and till then it will remain as BETA.
In this period we want to strengthen the quality and count of DB and that’s where we need your input. We are targetting for ZERO FP and Just like last release, input from you guys have been of tremendous help and we are very happy and obliged to you guys who invested valuable time in testing this product.

So please keep the momentum going and give it a try again and let us know your feedback on detection, specially if any FP is encountered.

Thanks
-umesh

Looks great umesh

No FP’s for me this time.

Thanks for this

John

Great, thanks for the update.

There is\could be a false positive wit Winrar. Unless there is a beta somewhere (which I can’t find) 3.71 is the latest version and that’s the one that is one I have. Also the link to the update does not work (only for Winrar). It does not open the browser.

Apart from that, I wonder whether it is a good idea to list betas as available updates without any warning (for example, Opera browser). Personally I don’t mind, but not everyone likes to use those.

The close button (X) only closes the program window and minimises it to the system tray. I don’t like that behaviour. It should close the program. The minimise button (-) should minimise, not the close button.

Update went smooth!

thanks Umesh.

Harry

Hi!

very good improvements in this update. I like to see updates also, so soon I can get rid of both Secunia PSI and Filehippo update checker!

Now, it seems to have a problem with Acrobat Reader. Yes, AcroRd32,exe shows 8.1.0.xxxxxx in file info, but it’s already updated to 8.1.2 - you can see it in About Reader. Maybe it’s Adobe’s fault for not updating file info, but Secunia shows the right version.

Filehippo is now showing 7 updates to my programs, CVA only 3. 2 actually, because Winrar is a FP. Also, if I click the link in CVA does nothing (all other updates go to filehippo) The 5 updates missing are:

Google Earth 4.2.0205
Iso Buster 2.3.0.1
MBSA 2.1
OpenOffice 2.4 (I have 2.3 which is also vulnerable but not showed anywhere in CVA)
Skype 3.8

Well, i can’s say if that is a bug or not, maybe Comodo only show updates for some programs.

Finally, the worse thing so far is OpenOffice issue. I don’t mind FPs but not showing a ver well known vulnerability is really bad.

Thanks again for CVA, I needed such a program!

I think it gives a false positive with opera 9.27 ? It says that it isn’t up to date?

I any case, the rest is right!

Xan

Two little bugs:

http://img229.imageshack.us/img229/649/regioncaptureyw5.jpg

Winrar 3.71 is the last version.
Utorrent 1.7.7 is the last estable version.

First, here’s a quote from my last experience with the previous version:

I have the very same prerequisites now. I got a FP for Adobe Reader - it’s the latest version on my system (8.1.2), although it’s the “Adobe Reader Lite” version. I’m also posting the warning(s) I got from CVA.

LA

[attachment deleted by admin]

I get a error, can’t connect to server

even after a reboot

[attachment deleted by admin]

Comment on last beta:

All the previous FP’s have been fixed :-TU except for the “update” on uTorrent 1.7.7 because it’s still the latest stable version.

In addition, there are now 2 new FP’s that the others are getting:
Opera 9.27 and WinRAR 3.71 (both already latest stable versions).
And for some reason the only link that doesn’t open a new browser tab is the one that supposedly updates to WinRAR 3.71.

The updater produced no errors for me. Gizmo, ensure that IE is not uninstalled or in offline mode.

My only question is why are some of the programs’ real updates removed, such as WMP 10 has version 11 and PowerPoint Viewer 2003 has version 2007 available for updating ???

The latest version of opera in their official site itself “Opera 9.50b2 for Windows”.

Check it out …

:THNK

Ummm … the “b” in “9.50b2” means BETA. BETA release are not generally considered official releases.

Ewen :slight_smile:

Hi Everyone,
Thanks for giving it a try again.
We have fixed FPs reported for :
Winrar
Opera
Adobe
Utorrent

If you scan again, you should see it fixed.

In response to Little boy’s comments:

The latest version of opera in their official site itself "Opera 9.50b2 for Windows". Check it out .... http://www.opera.com/products/desktop/next/
We don't cover Alpha/Beta/RCs, so that was not the case. Only official public releases are part of CVA.

In response to Soyabeaner’s comment:

My only question is why are some of the programs' real updates removed, such as WMP 10 has version 11 and PowerPoint Viewer 2003 has version 2007 available for updating
We will be adding these back before month end, analyzing all the versions of it.

In response to coltrane’s comments:

Filehippo is now showing 7 updates to my programs, CVA only 3. 2 actually, because Winrar is a FP. Also, if I click the link in CVA does nothing (all other updates go to filehippo) The 5 updates missing are:

Google Earth 4.2.0205
Iso Buster 2.3.0.1
MBSA 2.1
OpenOffice 2.4 (I have 2.3 which is also vulnerable but not showed anywhere in CVA)
Skype 3.8

Well, i can’s say if that is a bug or not, maybe Comodo only show updates for some programs.


Like i said in first post of this topic, we don’t cover all products/versions covered by competitors as of today and just adding up as we move on.

In response to Toxteth O’Grady’s comments

The close button (X) only closes the program window and minimises it to the system tray. I don't like that behaviour. It should close the program. The minimise button (-) should minimise, not the close button.
It will be fixed in next program updates we make.

Please try again and letus know if any FP is found.

Thanks
-umesh

Ye, there are 2 categories: one for available Updates and another for Vulnerabilities (which could refer to a program regardless of its version).

Not a huge problem, but I’ve noticed that after I do a scan, the “Last Scanned” day/time is reported, but after rebooting, the Last Scanned reads Not Available as if I had never done a scan.

Umesh, some sites out there are still saying that Java v.5 is up to date, so just for the heck of it I downloaded Java v.5 and installed it on a fresh XP never having Java on it before. Ran the analyzer and it reported I was up to date and reported no vulnerabilities.

As you well know Java is at version 6 already.

Just wondering if thiswas intentional?

Not really sure if CVA should pick up on this as its technically not a vulnerability but im running CFP3.0.24.368 and it`s not informing me about a later version.

A new version has been released.

COMODO Vulnerability Analyzer Version 1.0.1.18 (BETA)

Thread Closed.

Josh