Hello -
We recently received a security complaint from a valued client regarding a Chained MSI package we meticulously assembled using Advanced Installer Enterprise.
The concern raised by our client pertains to a security notification that flagged the MSI as a potential malware risk. After conducting thorough security scans and analysis, it was identified that the MSI, constructed with the assistance of Advanced Installer (AI), was making use of the Volume Shadow Copy Service (VSS).
Allow me to provide a brief overview of the Chained MSI in question:
Chained MSI Description:
Our Chained MSI, crafted using Advanced Installer, encompasses multiple MSI components. Its primary purpose revolves around a single custom action that meticulously examines the Windows Registry, specifically "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall." This custom action identifies any existing instances of the previous version of the MSI. Once located, it proceeds to gracefully uninstall the outdated version before seamlessly installing the most current iteration.
Now, you might be wondering, as we are, where exactly the Volume Shadow Copy Service comes into play within this context and why it was detected during the assessment of the MSI produced by AI.
We are committed to ensuring the security and integrity of our software solutions. To address this matter effectively, we kindly request your expertise and insights into the detection of the Volume Shadow Copy Service in relation to our MSI package. Your guidance will aid us in resolving this issue and providing our clients with a secure and reliable software experience.
Thank you for your attention to this matter, and we look forward to your valuable feedback.
Suggested Articles
Re: MSI from AI failed Security Scan - vscs
Hello,
Unfortunately, I can not really say whether we use that service or not.
I will discuss this with our dev team and as soon as I will have more information, I will followup on this thread.
Thank you for bringing this to our attention and for your patience!
Best regards,
Catalin
Unfortunately, I can not really say whether we use that service or not.
I will discuss this with our dev team and as soon as I will have more information, I will followup on this thread.
Thank you for bringing this to our attention and for your patience!
Best regards,
Catalin
Re: MSI from AI failed Security Scan - vscs
Hi Catalin
How long will this take?
How long will this take?
Re: MSI from AI failed Security Scan - vscs
Hello,
I've discussed with the dev team and it looks like we do not use that service anywhere in our code.
Advanced Installer, as mentioned on our main page, is a tool based on the Windows Installer technology (proprietary to Microsoft). Most likely, I think that they are using the VSC service somewhere.
Unfortunately, there isn't much we can do about that.
Best regards,
Catalin
I've discussed with the dev team and it looks like we do not use that service anywhere in our code.
Advanced Installer, as mentioned on our main page, is a tool based on the Windows Installer technology (proprietary to Microsoft). Most likely, I think that they are using the VSC service somewhere.
Unfortunately, there isn't much we can do about that.
Best regards,
Catalin