We have 8 different fixlets showing computers as being relevant to vulnerabilities in IrfanView that are incorrect. The content comes from the site “Vulnerabilities to Windows Systems”.
The relevance is simply looking at the file version of the IrfanView executable (i_view32.exe). So for example, the fixlet is showing relevant if “i_view32.exe” is less than version “4.23”.
When you look at the properties of “i_view32.exe” in Windows, however, it shows the following:
File Version = 4.4.2.0
Product Version = 4.42
The file version uses a different format (4.4.2.0 instead of 4.42).
So for a Windows machine that has IrfanView 4.42 installed (the latest), here’s the behavior:
Q: version of it of file "C:\Program Files (x86)\IrfanView\i_view32.exe"
A: 4.4.2.0
The relevance in the fixlets, however, is using the other version format. So for the same Windows computer that was used above, it shows (I simplified the relevance):
Q: version of it of file "i_view32.exe" of folder "C:\Program Files (x86)\IrfanView" < "4.23"
A: True
So our Windows computers with the latest IrfanView installed are always showing as relevant to the fixlets.
I’m relatively new to BigFix and not sure where to start to get something like this modified or corrected. Any help very much appreciated!
Thanks
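Added example, not part of the original post: a Python sketch of the comparison described above, showing why 4.4.2.0 evaluates as less than 4.23 and how rewriting the threshold in the file-version format removes the false positive. It assumes versions are compared component by component as integers (consistent with the True result in the post) and that IrfanView's file version spreads the product version's minor digits over separate components, as the 4.42 / 4.4.2.0 pair suggests; all function names are hypothetical.

```python
from itertools import zip_longest


def parse(version):
    """Split a dotted version string into a tuple of integers."""
    return tuple(int(part) for part in version.strip().split("."))


def less_than(a, b):
    """Component-wise numeric comparison; missing components count as 0.

    Assumption: this mirrors how the version comparison in the post behaves.
    """
    for x, y in zip_longest(parse(a), parse(b), fillvalue=0):
        if x != y:
            return x < y
    return False


def product_to_file_version(product, width=4):
    """Rewrite a product version such as 4.23 in file-version form (4.2.3.0).

    Assumption: each digit after the dot becomes its own component,
    inferred only from the 4.42 -> 4.4.2.0 pair shown in the post.
    """
    major, _, minor = product.partition(".")
    parts = [major] + list(minor)
    parts += ["0"] * (width - len(parts))
    return ".".join(parts)


def fixlet_relevant(file_version, threshold_product, normalize):
    """Return True when the installed file version is below the threshold."""
    threshold = (
        product_to_file_version(threshold_product) if normalize else threshold_product
    )
    return less_than(file_version, threshold)


if __name__ == "__main__":
    installed = "4.4.2.0"  # file version reported for IrfanView 4.42 in the post
    # As written in the fixlet: 4.4.2.0 vs 4.23 -> second component 4 < 23
    print("raw threshold 4.23:", fixlet_relevant(installed, "4.23", normalize=False))
    # Threshold rewritten as 4.2.3.0 -> second component 4 > 2
    print("normalized threshold:", fixlet_relevant(installed, "4.23", normalize=True))
    # Constructed sample: an older install (product 4.22) should still be flagged
    print("4.2.2.0 normalized:", fixlet_relevant("4.2.2.0", "4.23", normalize=True))
```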