Font Size Change

HOMEIT SecurityMeasures for Information Security VulnerabilitiesIPA/ISEC:Vulnerabilities:Filtered Vulnerability Countermeasure Information Tool “MyJVN” English Version Released


IT Security

IPA/ISEC:Vulnerabilities:Filtered Vulnerability Countermeasure Information Tool “MyJVN” English Version Released

Use the latest version to prevent security problems caused by the lack of security

Nov 30, 2009
IT Security Center
Information-technology Promotion Agency, Japan

IPA (Information-technology Promotion Agency, Japan, (Chairman Koji Nishigaki) released MyJVN Version Checker, a tool that enables people to easily check whether the version of the software installed in their PC are the latest, on November 30, 2009.
URL: (in Japanese)

In recent years, in addition to ever-evolving viruses which targets the general public, the methods of attacking are becoming increasingly diversified, such as attacking a specific company or organization by sending virus-attached emails under the guise of its employee (called targeted attacks), or aiming at security vulnerability of the web browser or video player to tamper with the web site of a famous company or organization(*1). Many of these attacks utilize vulnerabilities in the older versions of software products.

Although it is effective to upgrade software version against these attacks, “Information Security Treats Survey 2009” shows that the software version upgrade is not done much. According to the survey, 24.2% answered it was “troublesome” and 42.5%(*2) did not know how to upgrade.

Here, IPA developed a “MyJVN(*3) Version Checker” that allows people to easily check whether the software installed on their PC is the latest version.

Figure 1 shows the operation screen of the “MyJVN Version Checker”. With just mouse click, people can check the versions of multiple software. The results are easy to understand: ○ the latest version, or × not the latest version(*4).

If the software is not the latest version and users can easily access the vendor’s download website with also just a few click.

Figure 1. MyJVN Result Page

Figure 1. MyJVN Result Page

Currently, MyJVN Version Checker supports software shown in Table 1. Mainly internet-related software products were selected seeking cooperation from the software venders.

While implementing OVAL(*5), a specification for assessing security configuration of computers and improving its flexibility and efficiency, IPA will continue to enhance the usefulness of the Version Checker by expanding supported software products.

Table 1. MyJVN Version Checker Supported Products


Software Products



Adobe Flash Player (ActiveX, Plug-in)(*6)

Video player


Adobe Reader

PDF document software



JAVA Runtime Environment software(*7)


Mozilla Firefox

Web browser


Mozilla Thunderbird

eMailing software



Compression/Decompression software



Video player


MyJVN Version Checker’s operating requirements are shown below:

Table 2. MyJVN Version Checker Operation Requirements

(32bit only)

Microsoft Windows XP SP2, SP3 or
Microsoft Windows Vista


Internet Explorer 6, 7
Firefox 3


Sun Java Runtime Environment 5.0, 6.0



(*1)Information Security White Paper 2009 Part 2 “10 Major Security Threats” Released

(*2)Attitude Study on Information Security Threats 2009, 4-3-3: The reason not to apply security patch (in Japanese)

(*3)A collective term of tools and services that support the better use of JVN iPedia ( ), a vulnerability countermeasure information data base hosted by IPA. MyJVN Filtered Vulnerability Countermeasure Information Tool has been also offered since October 23, 2007.

(*4)When a software is not recognized, due to whether it is uninstalled or the version is older, the display will show the message like the following:
-uninstalled or not supported

(*5)Open Vulnerability and Assessment Language. OVAL is one of the elements that constitute SCAP(Security Content Automation Protocol), which allows the automation and standardization of technical approaches in the field of information security promoted by the U.S. government. For the detail, refer to Security Assessment Language “OVAL” Overview

(*6)Internet Explorer (ActiveX), and Mozilla Firefox for (Plug-in)

(*7)A set of software required to run a software developed in JAVA



IT Security Center,
Information-technology Promotion Agency, Japan (ISEC/IPA)