This article aims to articulate acceptance criteria for submitting software to be covered by SVR and SVM, as well as the rationale behind such. It is important to note that our Research team validates vulnerabilities, and this means it is necessary to obtain and analyze the software in question. When the software is end of life, or very old, it is often unavailable and (more importantly) not managed by the vendor to make official claims as to its status. EOL/EOS Software Versions Software versions that have reached End of Life, or End of Service, will not be added to our product database. We cannot reliably obtain and validate such versions of products and as they are no longer supported should be viewed as an inherent risk to your environment. We recommend upgrading or replacing such versions regardless of what stale vulnerability references may or may not exist. Antiquated Software Versions Software that has not seen any updates in a year or more is considered inherently insecure. Stale code is a red flag highlighting poor support. We encourage replacing such titles regardless of what stale vulnerability references may or may not exist. Unofficial Software Versions Alpha, Beta, and test software (or similar) are not suitable for a production environment and thus cannot be seen as properly secured/supported, and so we recommend considering such inherently insecure. Software Not Generally Available A product to be tracked must be a proper, usable product for a wider audience (meaning it can be bought or acquired by anyone who desires it). Product documentation or other evidence to support it is a proper product may be requested for confirmation. Some recent reporting on the product from the vendor should exist. Software with extremely limited releases like customized products is ineligible. Insignificant Open Source Branches Forks of open-source projects are only considered projects in their own right if the codebase significantly diverts from the forked project (some 10% difference or more). Software Already Tracked as Part of Software Should a requested product already be tracked via another product (e.g. Cisco hardware versus OS), then we will not add the additional product. In such a case, one should refer to the currently tracked product. We track Linux distribution packages, that get distributed via the Linux distribution itself, through the main Linux distribution as a product, and thus these packages are not considered products in their own right (e.g. OpenSSL package in RHEL 8 is not considered a product on its own, the product is RHEL 8). SaaS or Cloud Products Cloud-based / SaaS products where there is no patching action for the customer to resolve vulnerabilities are currently not currently tracked by our Research team at this time. ... View more

The InstallShield Activation Service will be discontinued on July 1 st , 2022. AdminStudio 2013, and earlier versions rely upon the InstallShield Activation Service for activations. These old versions of AdminStudio are end-of-life now, however, they continue to function and rely upon the InstallShield Activation Service for license activation. There will be no impact if AdminStudio is already activated, however, any new activation attempts by these very old versions will fail after July 1 st , 2022. AdminStudio has seen tremendous improvements over the years. While it continues to remain the best repackaging tool in the market, it has evolved beyond its place as a solution that helped you with your migration projects, to a solution you need to effectively manage your daily application management needs. The powerful Package Feed Module integrated with its powerful Package Automation capabilities helps you keep your application portfolio up to date with the latest version of the applications relevant to your organization, automatically on a configurable schedule. AdminStudio’s new Backlog Management capability enables you to identify unmanaged applications in your environment so you can take action to realize a secure and controlled environment and serves as the ideal place to manage and track the packaging requests. For those that want complete control, AdminStudio offers an extensive list of PowerShell Cmdlets and REST APIs to help you automate any task in AdminStudio. New and enhanced support for endpoint management systems continues to add value to those invested in solutions like ConfigMgr, Intune, Workspace ONE, and more. Never resting on its laurels, AdminStudio has evolved incredible support for MSIX for years featuring a dedicated MSIX Editor and a long of list features to support this new package format from Microsoft. Finally, we have improved and enhanced the security of AdminStudio itself making the current version of AdminStudio the most secure version ever. In today’s time technology is changing at a faster pace than ever and to be successful we must let go of the old and adopt modern technology. InstallShield Activation Service is one such legacy technology that has reached its end of life. Still, we want to make every effort to support our customers who are on those old versions of AdminStudio. To that end, we are offering a special discount to support your upgrade to the latest version of AdminStudio. If you are stuck on an old, end-of-life version of AdminStudio, you now have yet another reason to get current and enjoy these many new benefits. Contact us today to learn more!     ... View more

An update to SVR has just been posted which adds a new Advisory Type option to support differentiating between Secunia (Security) Advisories and Rejected Advisories when creating workflows.                Additionally, if you have very large watch lists, you'll notice a significant improvement in processing times! For full details, see the release notes here.  ... View more

SVM performs many features not permitted by web browsers, so leverages an ActiveX control to accomplish these tasks (like patch publishing, remote scan, and software suggestions). We recently launched a new browser-agnostic user interface at svm.flexera.com but left out these ActiveX-dependent features. Instead, important tasks like patch publishing are being moved to the SVM Patch Publisher. We expect to launch the patching capability soon, but in the meantime, news of Internet Explorer reaching EOL may prompt you to seek an alternative sooner.   While many have moved away from Internet Explorer as their default browser, many have maintained it for specific use cases including running the SVM admin console. Others have gotten in front of this challenge by employing MS Edge and it’s IE mode feature that mimics the functionality of IE within Edge. Only those sites that you specifically configure (via policy) will use IE mode. To have sites open in IE mode, see the below steps: Step 1: Create an Enterprise Mode Site List or update your existing one; then, upload it to the Cloud Site Management experience. Microsoft Edge uses the site list to open sites in IE mode. To create a site list and configure neutral sites, read this documentation or use the Configure IE mode tool. You can now upload and manage your site list in a compliant cloud location. Step 2: Configure IE mode. Use group policies to configure IE mode. You will need to configure either an Internet Explorer or Microsoft Edge policy to open sites from the Enterprise Mode Site List in IE mode in Microsoft Edge. To learn how to configure these group policies, see this page.  You can configure all intranet sites to open in IE mode via policy as well, but using an Enterprise Mode Site List is the preferred method. This recording also steps through the setup. Once the above is completed you simply need to follow the same process as setting up SVM for use within IE. Launch MS edge with run as administrator and navigate to https://csi7.secunia.com to download and install the plugin (also using run as admin). Your patch publisher does not have to be changed nor anything else for the functionality of SVM to function as expected.  Please continue to watch for updates here in the community as we introduce important new updates to the SVM Patch Publisher in the weeks ahead.   ... View more