Last night, I got a notification to check on my PCs from Secunia, which sends out notification e-mails any time a registered machine’s known software components or OS require updates to maintain proper security. Because yesterday was Patch Tuesday for December, 2009, this came as no surprise at all. What did comes as a surprise this morning when I got around to checking was that a handful of unexpected items popped up in the alert list. I’m pretty serious about fixing such things because ultimately, the goal is to maintain a solid set of green bars across the entire Secunia Historic Development chart, which looks like this:
As usual, I tackled the numerous items whose status changed from secure to insecure since my last regular weekly scan to bring my system back into full compliance. This morning, there were five such alerts: one for Adobe Air, two for Adobe Flash, one for Google Chrome, and one for the MS Office PowerPoint Viewer 2007. I was able to dispatch all of them pretty quickly by installling the upgrades or patches for which Secunia helpfully provides links in its item detail info, except for PowerPoint Viewer 2007. That link took me to Microsoft Update which cheerfully informed me that no updates were needed. Hmmm…
I immediately jumped up onto the Secunia forums (staffed by a crack group of staffers and volunteers) and found a thread that prescribed the right approach to this apparent mystery:
Only then will Secunia give a clean bill of health to PPT Viewer. Of course, I’m grateful to get secure and stay that way, but I’m a little irked that my inclusion of MS Office Updates in my Windows Update configuration turned up nothing on its own beforehand. I’m also a little puzzled as to why downloading the PPT Viewer from Microsoft triggered additional Windows Update activity even though it purports to be the same version I already had installed on my Office-equipped machines.
But because this situation took me by surprise, and so many enterprises run MS Office and probably also haven’t gone through this maneuver, I wanted it to broadcast it to the largest possible audience. Consider this blog a notification that PowerPoint Viewer 2007 (included by default with most versions of MS Office 2007) needs a security update, and a description of what’s involved in adressing this not-completely-straightforward maneuver. Even Secunia didn’t do that directly, so I hope this qualifies as a “public service.” As a devoted Windows-head, I found it interesting and unusual enough to be worth figuring out and fixing in any case.]]>