Secunia PSI – Checks for Software Vulnerabilities
A recent article on IE 6 and the inherent dangers involved in running such an outdated Browser, supports the view that not all of us make use of Microsoft’s Windows Update so that we are current with operating system critical updates, and security fixes.
As important as that is, it’s equally as important that we keep our installed applications current, and up-to-date. Every week, I receive the Qualys Vulnerability Report, and I never fail to be astonished by the huge number of application vulnerabilities listed in this report. I’ve always felt, that the software industry should thank their “lucky stars”, that this report is not particularly well known outside the professional IT security community. It’s that scary.
Should we be worried? Well, I think we should be. In a recent survey, Secunia, the Danish computer security service provider, well known for tracking vulnerabilities in software and operating systems, concluded that less than one in 50 Windows driven computers, are totally patched. This is a perfect scenario for the redistribution of malware.
Secunia goes on to report that the rate of patching and updating compliance, is even less than in previous years. This, despite the fact, that on a daily basis critical vulnerabilities continue to be discovered in popular software applications.
Some recent application vulnerabilities included, Mozilla FireFox, Apple iTunes, QuickTime, Skype internet phone, Adobe Acrobat Reader, Sun Java Run-Time, Macromedia Flash, AOL Instant Messenger, Windows/MSN Messenger, Yahoo Instant Messenger, Bit Defender, and RealPlayer.
Survey sample size – 20,000 users
User exposure – 98.1% have one or more insecure programs
User exposure – 30.27% have one to five insecure programs
User exposure – 25.07% have six to ten insecure programs
User exposure – 45.76% have eleven or more insecure programs
It has been my experience, that when a malware infection occurs, it is generally safe to say, the user is often responsible for their own misfortune. This survey points out, once again; computer users need to be more vigilant in order to ensure their own Internet safety and security.
The Secunia Personal Software Inspector (PSI) can help dramatically with this task. PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.
ZD Net, one of my favorite web sites has stated “Secunia Personal Software Inspector, quite possibly the most useful and important free application you can have running on your Windows machine”. In my view, this is not an overstatement.
Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.
The Secunia PSI is free for private use.
Downloaded over 800,000 times
Allows you to secure your PC – Patch your applications – Be proactive
Scans for Insecure and End-of-Life applications
Verifies that all Microsoft patches are applied
Tracks your patch-performance week by week
Direct and easy access to security patches.
Detects more than 300,000 unique application versions
Provides a detailed report of missing security related updates
Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.
Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.
System Requirements: Windows 2000, XP 32/64bit, Vista 32/64bit, and Win 7
Download at: Download.com
Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.
If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.