I am working with vulnerability scanning vendor, Tenable, which is reporting a false positive after updating Adobe Digital Editions to 188.8.131.52048. The scanner is checking for DigitalEditions.exe to be version 184.108.40.206048 but when Adobe Digital Editions 220.127.116.11048 is installed (downloaded from https://www.adobe.com/solutions/ebook/digital-editions/release-notes.html), DigitalEditions.exe is version 18.104.22.168. You can launch the software and verify it is indeed version 22.214.171.124048.
Tenable's response is below
"It appears this is already a known issue with this particular plugin. There's no resolution just yet.
Our plugin is looking in the correct\standard places - we cant open the application and read the about page during a scan. Can you reach out to Adobe to provided a valid explanation as to why they do not update the registry and exe to reflect the correct version number? They are presenting incorrect information, and we are not likely to modify the plugin to accommodate this without good reason.
Simply put, 126.96.36.199 does not = 188.8.131.52048
So we need a programmatic way to detect this."
It is now October 2019, what "thohun" wrote above is still true. According to Adobe release documents, v184.108.40.206048 is the newest version. When I go to download this directly from Adobe's website what I get is v220.127.116.11 Yes, this is a VERY minor pickey issue... but, my computer thinks it does not have the newest version of Adobe Digital Edtitions. Six months after the above post 18.104.22.168 still does not equal 22.214.171.124048
It is now January 2020, and this is still an issue. Is there anyone from Adobe that can comment on progress of resolving this? The Help-->About shows 126.96.36.199048, but right clicking on the .exe file for ADE and going to the details tab still shows 188.8.131.52, as well as the registry at HKLM/Software/WOW6432Node/Adobe/Adobe Digital Editions 4.5 which is why it's getting flagged by Nessus.