Search for content in message boards

FTM2014 - Showing as "Vulnerable Application" on Kaspersky Scan!

FTM2014 - Showing as "Vulnerable Application" on Kaspersky Scan!

Posted: 10 Dec 2013 3:03PM GMT
Classification: Query
When I ran a vulnerability scan using Kaspersky the FTM2014 application was listed as a "vulnerable application". On closer inspection it appears Adobe Flash Player 10.1.r52, which is embedded within the Tutorial_PC.exe, might be the culprit. This resulted in my taking restorative action to ensure my PC was not infected.

In order not to repeat the above is there any way I can do a custom install without the above executable or is there a fix likely in the near future from FTM?

Thanks for any advice. (But please do not suggest I simply ignore the above warning because I am not prepared to re-install FTM2014 unless I can be absolutely sure there is no risk to my PC).

Re: FTM2014 - Showing as "Vulnerable Application" on Kaspersky Scan!

Posted: 10 Dec 2013 3:08PM GMT
Classification: Query
Edited: 10 Dec 2013 3:08PM GMT
You may have to list FTM.exe on your whitelist or whatever it is called in your virus program and/or turn OFF your virus program when you install FTM 2014.
I have had to do that with both the 2012 and 2014 versions. I have a couple other programs I've had to do that with. I use TrendMicro.

Barbara

Re: FTM2014 - Showing as "Vulnerable Application" on Kaspersky Scan!

Posted: 10 Dec 2013 3:23PM GMT
Classification: Query
Barbara,

Thanks for your suggestion but doesn't this simply exempt FTM2014 from being reported by Kaspersky? With no change to the application it is still vulnerable and therefore at risk from third party attack.


Re: FTM2014 - Showing as "Vulnerable Application" on Kaspersky Scan!

Posted: 10 Dec 2013 3:35PM GMT
Classification: Query
Well, to be absolutely honest, there is that possibility with almost any program. However, I have learned over the years that some programs apparently won't install properly if the virus program is running. I don't like it either. I have just finally accepted that sometimes, it is the only way to get them to work.
It could be a pattern of bits that is a "false positive" to a particular virus program that might not happen with other virus programs.
ps: I worked in the computer industry most of my working career, until I retied a couple years ago and am very security conscious. So I always try to install with the virus program running first and only white list as a last resort if I know it's a good program and I really want to run it.

Barbara

Re: FTM2014 - Showing as "Vulnerable Application" on Kaspersky Scan!

Posted: 10 Dec 2013 3:36PM GMT
Classification: Query
The issue is really with Kaspersky. Their database needs to be updated so that Kaspersky does not flag this file.
You should be able to report this to Kaspersky.

Re: FTM2014 - Showing as "Vulnerable Application" on Kaspersky Scan!

Posted: 11 Dec 2013 11:10AM GMT
Classification: Query
Barbara,

I guess therefore I need to follow up with Kaspersky to get their view on whether this is a "false positive" or not.

Re: FTM2014 - Showing as "Vulnerable Application" on Kaspersky Scan!

Posted: 11 Dec 2013 11:13AM GMT
Classification: Query
David,

Thanks for your response. It will be interesting to get Kaspersky's view on this.

Re: FTM2014 - Showing as "Vulnerable Application" on Kaspersky Scan!

Posted: 11 Dec 2013 3:44PM GMT
Classification: Query
searching4u comment

Thanks for your response. It will be interesting to get Kaspersky's view on this

Could you please report back on this thread what Kaspersky says about this

I still have FTM2010-2011-2012 and 2014 loaded on my machine and contine to get vulnerability messages on this software----The Kaspersky vulnerability status [whatever that is] shows as inactive [whatever inactive means]

Re: FTM2014 - Showing as "Vulnerable Application" on Kaspersky Scan!

Posted: 6 Jan 2014 12:08PM GMT
Classification: Query
To remind of the potential threat found regarding this particular vulnerability and as stated by Kaspersky:-
"Impact System Access - This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user".

Further to the above I received the following response from Kapsersky:-

Dear Customer,

A vulnerability scan is an advisory rather than an action that needs to be addressed. When looking at the list vulnerabilities if you click on Details you'll be provided with more information regarding this application. Under solution on this page it will give you assistance in updating this. However in most cases its down to the user to update the application manually. We are not aware of any false positives regarding this application, however information regarding Family Tree Maker 2014 is not something that we are regularly provided with.

Thank you

As I mentioned previously when you click on "Details" in the vulnerability warning message it states:-
Adobe Flash Player 10.1 r52 - File: c:\Program Files\Family Tree Maker 2014\Tutorial_PC.exe

Recommended to be fixed.

Solution = "update to version 10.2.152.26".

In light of the above feedback I decided to delete the potentially vulnerable Adobe Flash Player program which I found in "program files" contained within FTM2014. To date I am running FTM2014 without any Adobe flash player and have not come across any impact as yet. A subsequent vulnerability scan ran cleanly.




Re: FTM2014 - Showing as "Vulnerable Application" on Kaspersky Scan!

Posted: 6 Jan 2014 2:46PM GMT
Classification: Query
For completeness regarding my previous reply the (Adobe) file I deleted had a red (Adobe?) icon beside it and was called Tutorial_PC.exe.

Cheers.
per page

Find a board about a specific topic