<![CDATA[Warn when installing applications with known vulnerabilities]]>It would be cool if the local agent of VulnDetect recognizes when I am installing a new application (or an update for an existing application).
Then the agent should check with the servers if the installed application as known vulnerabilities.
If there are vulnerabilities, the local agent should show a warning.

]]>https://vulndetect.org/topic/476/warn-when-installing-applications-with-known-vulnerabilitiesRSS for NodeSat, 18 Apr 2026 17:33:09 GMTSun, 25 Nov 2018 15:54:18 GMT60<![CDATA[Reply to Warn when installing applications with known vulnerabilities on Tue, 27 Nov 2018 13:24:58 GMT]]>The intention is that after an installation users get a warning when there are known vulnerabilities.
No matter how this is implemented.

Think about the following scenario:
A user installs the current version of an application (like web browser), but the application has vulnerabilities.
The daily VulnDetect will start in some hours.
Now the user browses in the web and gets infected or hacked (the vulnerability is abused).
And after that he can see in the list of installed applications (in VulnDetect) that this software has vulnerabilities.

So the user will be very upset, because VulnDetect does already know about the vulnerability but did not warn him in time!
This could really be a problem for VulnDetect.

]]>https://vulndetect.org/post/1791https://vulndetect.org/post/1791Tue, 27 Nov 2018 13:24:58 GMT<![CDATA[Reply to Warn when installing applications with known vulnerabilities on Mon, 26 Nov 2018 13:10:44 GMT]]>This is a good idea.

The main issue with this is that it requires a driver to monitors disk writes, the Secunia PSI had this, but it is not our impression that the features that this allows us to build are the most important ones, so we will probably pursue a different avenue to attempt to achieve similar functionality.

]]>https://vulndetect.org/post/1788https://vulndetect.org/post/1788Mon, 26 Nov 2018 13:10:44 GMT