eEye Digital Security

eyesonly:

Also, explain why you stated that I did NOT provide audits?

Have you already send eEye your Retina scan log from the following location?:

C:\Program Files\eEye Digital Security\Blink\Scanner\Logs

You may seem numerous files in there from past scans.  I would send the latest one (look at "date Modified" to find latest one) to bpatten@eeye.com and carmstrong@eeye.com  ... unless you have already done this?  This should tell them what was hitting on your machine and where to go from there.

Blue1978:

eyesonly:

Also, explain why you stated that I did NOT provide audits?

Have you already send eEye your Retina scan log from the following location?:

C:\Program Files\eEye Digital Security\Blink\Scanner\Logs

You may seem numerous files in there from past scans.  I would send the latest one (look at "date Modified" to find latest one) to bpatten@eeye.com and carmstrong@eeye.com  ... unless you have already done this?  This should tell them what was hitting on your machine and where to go from there.

Thanks for the reply Blue.

Honestly, it's very hard for me to provide information to others about potential security holes in my computer, to anyone, even to Eeyes.

I'm going to hold off sending the log files, unless bpatten really needs them.  Even then, I might need time to consider that request.

From where I'm standing this has taken WAY TOO LONG to resolve.

I'm not an engineer, or a programmer, but to me it seems obvious.  My file versions and file dates are more up-to-date then the 3 updates patches that Vulnerability Assessment claims needs to be applied.  Microsoft Update says I'm up-to-date.  UNLESS there are registry files that are edited in addition to replacement of the files listed in the 3 patch updates (and there is NO reason to believe that this is the case), the most probable scenario is that a security patch or optional software from Microsoft has applied the updated versions of the files changed by the 3 Microsoft patch updates.   In this scenario, Microsoft Update KNOWS the computer is secure because of some security patch and/or optional software from Microsoft has applied the updated versions of the necessary files (therefore the 3 security patches are superfluous).

A simple call to Microsoft should confirm this scenario, and solve everything.  Or if Eeyes doesn't want (for whatever reason) to contact Microsoft, they can simply look at all the software patches and optional software released since September 4. 2009 (a little over a month), concentrating on whether the files in my original post were updated.

Optionally, if Eeyes has or can acquire Microsoft Windows XP & Office XP, they can just do a fresh installation, apply all service patches and security patches, and apply the latest version of Blink Personal.  If they run Blink Vulnerability Assessment report they will undoubtedly have the same 3 Office XP false positives, and they will have all the information necessary to solve the problem.

Either way, I don't have to continuously provide endless information.  Eeyes has enough information, in my mind, to determine what happened.

BTW, if Blink's Vulnerability Assessment module simply audited the file versions and file dates, then the 3 Office XP false positives would never have occurred.  I did NOT mention anything about this in the past, since I don't know how Blink's Vulnerability Assessment module determines whether security patches need to be applied.

Thanks for the reply, but I think I will hold up for a while and wait for bpatten.

eyesonly:

From where I'm standing this has taken WAY TOO LONG to resolve.

     I understand that and I don't know what all has gone on in email between you and eEye, but it is not just as simple as okay you have the patches installed, but your still getting the alert.  The reason I recommended that you send the Retina scan log is because it shows them exactly what Retina is hitting on (whether it is a file or a registry key, etc).  If it is a false-positive then it can be corrected.

     Also keep in mind sometimes when you install a new patch, old files from the prior version of the application (that may be vulnerable) sometimes end up not being removed properly by the patch installation.  Sometimes Retina hits on these.  This has happened to me personally when dealing with Java.

     Finally the unique thing about this whole matter is, Blink is protecting your system from these vulnerabilties.  This is why it was created; to make people aware of what could be misconfigured on their system or what may be lacking, but at the same time protecting from the issue at hand.  Granted this may not make you (as the consumer) feel better about everything, but it is something to keep in mind.

 eeyeonly, my email is carmstrong@eeye.com. Please take this offline.

Thank you.

Please try updating to Vulnerability Audit version 2166 and rerun the VA Scan and see if the issue is corrected.

Thank you

Thanks bpatten.

I ran the Vulnerability Assessment Report and it reported NO high risk vulnerabilities.  :)

The 3 Office XP False Positives are GONE.  

I don't know what you did, but it's fixed.  :)

Thank you (and your team) for taking the time to properly resolve the 3 Office XP False Positives.  

Everything works fine now.

Thank you for all your help.

I hope, in some small way, this has made Blink's Vulnerabiity Assessment module better.  :)