Summary Sophos HitmanPro.Alert is represented by two distinct (separately developed) versions. The version which Software Vulnerability Manager is programmed to detect is the HitmanPro.Alert (standalone).   Sophos has decided to port their “bundled” version into their other product  named  “Intercept X” . T he bundled  HitmanPro.Alert  has similar version metadata of its files as the standalone  HitmanPro.Alert, but the bundled  product   receives  security fixes while the public  version in the same ranges is vulnerable.           This situation leads to the problem that “bundled” release of HitmanPro.Alert is detected by the SVM as the actual “standalone” version.   Description This is because the SVM sees the same file names, same file version range as the standalone, and available in the same locations as the standalone on the physical drive.    SVM then flags the bundled version as Insecure (which is true for the standalone release), but as this bundled version has been silently patched by the vendor – this assessment status appears incorrect.    To drive continuous reporting on the standalone version, to which we have committed  to detect and assess continuously,  Flexera will continue to detect  the standalone product  without changing its detection assessment mechanism s .    This means that customers who run the bundled release that comes with “Intercept X” should ignore the security status displayed in the SVM product.  Instead, revert to emailing the vendor and requesting more information on whether their actual bundled release is  vulnerable, or it is secure .    Naturally,  Flexera is  looking to establish  a contact with the vendor in relation to this problem; but in the meanwhile, until a  good  solution is found, please follow the hereby mentioned suggestions  if you are running a bundled version of HitmanPro.Alert 3.x.   ... View more

Description:   The latest secure standalone installers of the Google Chrome product appear to fail on install for systems that have no prior installation. Currently, based on our research and quality assurance, the issue appears to show a problem on the vendor's end. This notion is also supported through a post by a third-party on the support pages of the vendor (See additional info: [1]).   As a result, we are currently unable to provide the SPS packages for the installer and instead provide generic links towards the vendor download pages.   We are still monitoring and are continuing to work hard towards bringing you the full extent and convenience our SPS packages provide in that regard. For example, should the vendor provide an installer which appears to work regardless of installation circumstances, then we will proceed with the creation and distribution of SPS packages to aid our customers.   UPDATE: Today, January 22nd, Flexera released SPS packages to the SVM for the latest 88.x release of Google Chrome. Although the released to SVM version of Chrome has specific build number of 88.0.4324.104 that is slightly higher than version 88.0.4324.96 that is recommended by SA100239 as the next secure version, the higher x.x.x. 104 release should be fully sufficient to patch the vulnerabilities reported through the aforementioned SAID, since this release builds on top of the code of 88.0.4324.96 and it only carries a technical hotfix for problems with the Google Chrome installers reported through the current KB. Flexera has included a double-reference for the secure version through the SPS system in SVM, where you will notice a recommendation under the "Patched Version" column to patch to 88.0.4324.96/104, thus indicating that the included SPS patch is of version 88.0.4324.104.   Additional Info: [1] https://support.google.com/chrome/a/thread/94282332?hl=en ... View more

Summary: Adminstudio Keeps Prompting for Activation Even After Activation Code was Entered.   Description: When activating, make sure the Activation Code for your Product matches the Version of the Product. Even if you have a perpetual license for Adminstudio 2019, it does not translate to a license for Adminstudio 2020. ... View more

Summary: Example of How to Use Python with SVR/Research API to Create Watchlists.   Description: You may run python from RHEL. Here are some steps to install Python on RHEL. 1. Install the pip from SCL as root # subscription-manager repos --enable rhel-server-rhscl-7-rpms # yum install python27-python-pip 2. Switch to a normal user and check the pip # scl enable python27 bash # which pip # pip -V 3. Install requests modules with pip and run .py script # pip install requests # python YOUR_PYTHON_SCRIPT_NAME.py Example Code: import requests import json session = requests.Session() session.headers.update({'Authorization': 'Token TOKENVALUEHERE', 'Content-Type': 'application/json', 'Accept': 'application/json', 'Host': 'app.flexerasoftware.com', 'Accept-Encoding': 'gzip, deflate'}) #Create Watchlist - Uncommment below to Create. # response = session.post('https://app.flexerasoftware.com/api/asset-lists/', json={'enabled': True,'receive_all':False,'products':[],'vendors':[],'advisories_need_approval':False,'ticket_threshold_level':6,'notification_level_email':6,'notification_level_sms':1,'ignored':[],'selected':[],'custom_cr': None, 'custom_ir': None,'custom_ar': None,'product_releases':[60497],'name':'TEST2','group': None}) # print(response) # print (json.dumps(response.json(), indent=4, sort_keys=True)) #Modify Watchlist - REPLACE 14 in both URL and payload with the Watchlist ID to update. Modify the json payload with changes to be made. response = session.put('https://app.flexerasoftware.com/api/asset-lists/14/', json={"id":14,"enabled":True,"receive_all":False,"products":[],"vendors":[],"advisories_need_approval":False,"ticket_threshold_level":6,"notification_level_email":6,"notification_level_sms":1,"custom_cr":None,"custom_ir":None,"custom_ar":None,"host_group_id":None,"product_releases":[60497,46340],"group":1,"name":"TEST6"}) print(response) print (json.dumps(response.json(), indent=4, sort_keys=True))   #Delete Watchlist - Uncomment below and REPLACE 16 in both URL and payload with the Watchlist ID to delete. # response = session.delete('https://app.flexerasoftware.com/api/asset-lists/16/', json={"id":16}) print(response)   Additional Info: https://access.redhat.com/solutions/1519803 ... View more

The iTunes installer is architecture sensitive. It only allows the 32bit version of iTunes to install on 32bit OS's. This can be problematic with the package created by SVM, as the wizard in Step 4 of 4 allows and defaults the System Applicability to Both 32-bit and 64-bit Systems.   However, if you try to install the 32bit version of iTunes on a 64bit OS you may see this error.   You may see this in the SecuniaPackage.log: Package architecture does not match system architecture. Aborting ... View more

Summary: Setting DSN info for a SQL ODBC connection.   Description: Creating a new DSN will populate some base Properties and Values in Installshield's ODBC Resources view for the DSN. However, you will likely want to setup the ODBC to use certain attributes, such as Server. Those Attributes would be ODBC specific attributes not Installshield specific. Information on such attributes may be found externally.   Additional Information: Such as these for SQL ODBC connections: https://docs.microsoft.com/en-us/sql/connect/odbc/dsn-connection-string-attribute?view=sql-server-ver15   ... View more

Summary Api's such as those found at: http:///esd/api.asmx can be executed from Powershell. Synopsis This article discusses how to invoke an AppPortal API with Powershell. Discussion Api's such as those found at: http://<AppPortal Server>/esd/api.asmx can be executed from Powershell. For this example we will look at the following API: RemoveDeploymentForACatalogItem When you click on the API it will bring up an information page for that API.  Find the HTTP POST section on the API's information page. In this section, it should display the parameters for the API.  For  the RemoveDeploymentForACatalogItem API  in the HTTP POST section is, Title=string This lets us know that a parameter named "Title" is needed and it is a parameter of type string. An example .ps1 script is: $username = "<domain\user>" $password = "<PASSWORD>" | ConvertTo-SecureString -asPlainText -Force $cred = New-Object System.Management.Automation.PSCredential($username,$password) $postParams = @{Title='<Catalog Item Title>'} Invoke-WebRequest -uri "http://localhost/esd/api.asmx/RemoveDeploymentForACatalogItem" -Method POST -Credential $cred -Body $postparams -ContentType 'application/x-www-form-urlencoded' $username, $password, and $postParams will need to be set (after the 😃 with your information. ... View more