Overview

LanGuard does not detect major updates for some vendors, e.g., Java and Adobe Reader.

Information

• Prior to LanGuard version 2014, when LanGuard detected major updates for Vendors including Java and Adobe on a machine, it would see it as a vulnerability and offer the latest major update. This caused some major issues for some customers and has since been reverted.
  
  
• Since customers can have multiple versions installed, LanGuard does not show the option to update this version, as this could break any application that requires legacy versions.
  
  
• Moreover, if LanGuard offers these major updates it will be installed side by side, so although the legacy version has reached the EOL, the security issues will not be solved.
  
  
• The main reason why these major versions are not removed (or replaced with latest versions) is because some applications might depend on it, so we cannot do it automatically. The intervention from the customer is required in these situations.
  
  
• The only change we might add would be a warning message explaining the situation and the risks of having legacy versions installed. This was passed onto Product Management but it has not been implemented yet.