eEye Digital Security

I have been trying to get rid of a so-called vulnerability for the last 2 days, indicating that I had a problem with Adobe reader 8.  This started only recently.  I have had Acrobat reader 9 for a some time and I could not locate any trace of 8.  Supposedly the fix was to upgrade to 8.1.3.

I finally got around this vulenrability by uninstalling reader 9.0 and reinstalling 8.0 and then upgrading it to 8.1.3.  So either the same vulnerability exists in 9.0 for which Adobe does not have a patch yet, or the test in Blink does not detect the latest release/update of reader 9.0.

I believe the vulnerability identified by blink was related to CVE-2007-5020.  This is odd that it shows up in Jan 2009.

There is a good posibility that one of the Adobe Acrobat version 8 registry keys was left in the registry or did not update properly (which was part of the vulnerable version Retina was looking for).  I would recommend running a program like CCleaner to clean up your system after installing or un-installing applications.  This program cleans a lot of the old registry keys out of your system for you that are no longer being used and so forth.

Yes I have cleaned and scrubbed the registry and files and directories with a cleaner.

The new version of the RegCleaner is in jv16 PowerTools which is a pretty nifty package.  Do you know how it compares with ccleaner?  I will try ccleaner, too.

By the way, when I installed Acrobat Reader 8.1.3 so that Blink is happy, Secunia started complaining that I am running obsolete version of Acrobat Reader.

I have not tried that cleaning package.  I like CCleaner because it is "light" and has yet to give me any issues.

So after you installed 8.1.3, were you able to upgrade to the current version and Blink was okay with it?

I have been running 8.1.3 and Blink is happy.  I did not bother with acrobat reader 9.0 even though Secunia complains about running obsolete software.  I will try it and post the result.

By the way, I did try ccleaner, and as you say it is pretty light wieght.  Regcleaner and ccleaner both find things that the other one does not.  Regcleaner is a lot more flexible in terms of search, I think.  While I was downloading ccleaner I also noticed a few other tools: dflagger and updatechecker.  Also good tools.

I reinstalled reader 9.0 and Blink is still happy.  So it must have been something left over from 8.1.3.  Thanks.

By the way,the package I was mentioning earlier was Defraggler (not Deflagger).

Yes Defraggler is a very nice HD Defragmenter tool from the makers of CCleaner too.  I like it a lot.

 I will agree that some of the vulnerabilities are just impossible to rid yourself of.....

Thou if you look some are embedded in older aps - i am not even sure some of these can be solved without removal of tha app package..

Brent:

Thou if you look some are embedded in older aps - i am not even sure some of these can be solved without removal of tha app package..

     Your right about that.  I have found only one way to seriously avoid 98% of these issues.  Install Windows from scratch, update it, and then install Blink as the very first application.  Next run a vulnerability assessment and correct any of the issues that are found. 

     Finally, at this point I make an image of my HD partition use Acronis True Image and save it to a DVD.  Now I always have a known good point to go back to which I know that Blink was completely happy with all of my system's configurations and settings.  I can then start to install my applications that I need to use on a daily basis.  Since I have started doing this, Blink has not given me a single issue what so ever! :)

     Anyone that is serious about using Blink, I would highly recommend that they try this.  As far as corporate users are concerned, doing the same exact thing would help them successfully create a "baseline" image for use on all of their systems.  This would be easy to implement (and maintain) which would make life easier for System Administrators if they had to restore systems to an operational state quickly for any known reason.