I havent reported any bugs in version 8.0.0.357 as im just getting used to it, so it takes a while to get the feel of any new software, and 2009 isnt really like previous versions.

I do like the fact it now shows vulnerabilities that is a very good inclusion but I find the reports difficult to follow, for example:

It will spot Java jre-6-0-5 has the vulnerability, but it cant tell me which application that belongs to only that java.exe in system32 is vulnerable - obviously upgrading the sdk etc for java will replace that file and any programs which depend on it, but what if the file is a dll? most users would only get the vulnerability number and the file itself - it is very complex working out which app the system32 folder dll's belong to, but as the scanner detects the vulnerability would it not be better to include the link to the update?

If it can already i apologise i havent seen it able to.

Hi,

If you right click the entry, and then "go to description", it will take you to a page which explains the vulnerability and what the best course of action to take is (e.g. update to new version)

many thanks for that, i was scratching me head trying to figure out which dll belonged to which app.

files in system folders can also be shared among several applications so it is in such situations sometimes also a real problem to do what you would like to have/see.