I’ve long made it a practice to treat my Windows machines as if they have already been compromised. No, that’s not paranoia – that’s 30+ years of practical hands on computing experience.
If there’s one thing that experience has taught me it’s this – I don’t know what I don’t know. More particularly – I don’t know if any/some/all of the applications (including the operating system), I run on these machines have critical security vulnerabilities that I’m unaware of. And, yet to be discovered critical security vulnerabilities have been, and continue to be, a constant.
A recent example:
The Flame virus went undetected for two years by every online security firm.
Just today:
Chrome 20 fixes 20 security vulnerabilities
Winamp 5.63 fixes four critical security vulnerabilities
Old advice (beating a dead horse advice) –
“Keep all applications (including your operating system) patched, and up to date. Taking this simply step, reduces the likelihood that malware will become an issue a user will have to deal with – significantly. Cybercriminals use vulnerabilities in applications as entry points and gateways to compromise computers which can give access to confidential data such as passwords, online profiles, and bank details. Attacks exploiting vulnerable programs and plug-ins are often not blocked by traditional anti-virus applications.”
Sounds like good, practical advice – and it is. But as those of us involved in computer security know; this is advice that is not always followed. Some hold the view (including me), that it is rarely followed.
One particular application that I have reviewed and recommended a number of times – that assists users in keeping a system fully patched is – Secunia Personal Software Inspector (PSI) – which constantly monitors a system for insecure software installations.
Secunia is justifiably proud of the fact that there are currently 5 Million users running this free protection application – but, from a personal perspective, I’m shocked at this low number. It should be 500 Million users! What is wrong with people that they fail to understand the advantages of ensuring that their system/applications are patched and up to date?
There’s less reason now, than ever, to disregard the critical advice offered above. Today, Secunia launched version 3 of its free Personal Software Inspector (PSI), with a host of new features.
PSI 3 with its dramatically simplified user interface and intuitive preferences, takes the burden out of updating and patching – and, most importantly, helps users safeguard their computer, and data, against cybercriminals.
The new version makes patching software more comprehensive, automatic, and easier than ever. How simple is that?
How simple is it? The following screen captures illustrate.
On program launch a simple click on “Please run a scan” gets things moving.
A full scan takes no more than a few minutes.
In this test, PSI picked up one application that needed updating. You might think that VLC (VideoLAN), would be relatively safe from being manipulated by cyber criminals. Unfortunately, you’d be wrong.
In July of last year VLC, when downloaded from other than the developer’s website, came bundled with malware. A reminder as to why it’s so important to download from the developer’s site, or a recognized download service.
PSI automatically, and in the background, downloaded (from the official site) and installed the most recent version of VLC – raising the machine’s score from 98% to 100%.
Fast facts:
Simple User Interface – Dramatically simplified user interface displays the key information that users need to know: scan results, the security status of installed software, and when these programs are up-to-date.
Automatic Patching – With the Secunia PSI 3.0, users receive automatic updates for all software supported by the application. Previously Secunia only provided automatic updates for vendors that made automatic updates available.
Localization – The Secunia PSI 3.0 can be installed in any one of five languages including French, Spanish, German, Danish and English.
Program Ignore Rules – Users have the ability to ignore updates to a particular program by creating ignore rules. This can, for example, be relevant if a user has an application that depends on an older version of another program or plug-in. Users may reverse this selection at any time. Users also have the ability to view the file location and version number of an installed program.
History – Reports about the updates installed and scans conducted can be accessed at any time through the history feature.
Share – A new share link allows users to post a link on Facebook or Twitter feeds, making it easy for friends to try out the Secunia PSI 3.0.
Settings – The settings menu allows users to select whether or not to install updates automatically, and which drives are to be scanned.
System requirements: Windows 7, Vista SP 1 or later, XP – SP 3 (32 bit and 64 bit).
Available languages:
Download at: Secunia
Secunia PSI 3.0, by installing the latest security updates that a vendor of an application has released, offers a real solution which helps users avoid becoming a victim of a hacker exploiting vulnerabilities in installed software. Installing this free application should be a no-brainer.
For all the critical “yeah, but” experts who troll the Internet – it’s undoubtedly true that no security application is perfect. However, used properly, PSI 3 adds another layer of effective security.
Bill Mullins' Weblog - Tech Thoughts 
I found todays post very timely. I d/led Secunia just the other day after learning about it here in a recent post. I deleted or patched all but one appflagged by Secunia – Winamp. The version on Winamps own website was the one BEFORE the security update mentioned in today`s post. First thing I do tonite is update Winamp and try out the newest Secunia. Thanks for the tips…they will save a lot of us from grIEf.
Hex
Hi Albert,
Perfect! 🙂
Good to hear you find this a useful app.
Best,
Bill
Finally, you are back with the post, I scheduled for sunday lolz. Good to see you again.
Hey Neeraj,
Yeah, it’s been a while since I last wrote something fresh. Good to sweep the cobwebs out of my head. 🙂
Best,
Bill
I have a few WordPress websites and one of my favorite features is the nice number that shows up in the admin bar telling me whenever updates are available to the core, themes, or plugins, and how many there are. I can easily update them all, and, if I choose to update them one by one, can also get access to the change logs to make sure I want to update them. As much as I hate walled gardens, different apps stores also generally provide an api for programmers to easily let their customers know when an update is available. Why Operating Systems don’t do this…I dunno. The add/remove programs list in Windows could just as easily show if an update was available, and this info could just as easily pop up with that lovely Windows security center warning.
Sigh.
Anyways, I have to agree with you, Bill, Secunia PSI is a valuable program to help keep a person on top of things, and is a definite keeper.
Hey RedNightHawk,
Good to get your agreement on this – always adds a little something having another IT pro give the thumbs up. 🙂
I really like your idea of shifting the burden of app updating to the OS. If Win update can automatically update my third party drivers (vid card, web cam, monitor, etc.), then, it doesn’t seem like much of a stretch to go the full monty as per your suggestion.
As always – a great comment.
Best,
Bill
I was wondering that what happened to Bill, why other people are posting the old stories. I dint have your number else would have called you directly. Glad, you are back.
I checked the Secunia website around 1 week back to see if they have released the new version as it has been running in my laptop for around 1 year with the same old version. I was kind of surprised that they dint release any as afterall its a software and many would have found vulnerabilities in it by now, thanks you again checked it for all including me.
Just noticed that now your blog is using the https url, it seems that wordpress has shifted to HTTPS, may be they are aware and concern about the Google Blogger`s updates.
Hey Neeraj,
For the last few months I’ve been on one assignment after another, which left little, or no time, to post. My schedule is much more relaxed now – so, I’m back in the saddle, so to speak. 🙂
I have a good relationship with Secunia, so I knew about a week ago that the final version was being released today. As is common, all who received the notice had to abide by the embargo (no publishing allowed), which expired at 3 AM today.
Actually, I set https in my Dashboard so that readers could feel a little more secure.
Best,
Bill
Ohk, I got you. My first blog was on wordpress.com and long time back I shifted it to self hosted WP as well so no idea about it and thought may be like Google, WordPress is also improving the free hosting.
Hey Neeraj,
You’re right – WordPress makes small improvements continually. I like that.
Best,
Bill
Hey Bill,
It is surprising that I have not got any update from the software version 2 running on my friend`s computer to upgrade it to the version 3 though completed and published by draft post about the same but it contains the screenshots from older version.
I have redirected the users here to learn the use of latest version from the developer.
Regards
Hey Neeraj,
Very cool article!
Thanks for the linkback. Much appreciated.
Best,
Bill
Bill,
Another winner! I downloaded it, outside Sandboxie, and it did a great job. Thanks for all you do.
Best,
Paul
Hi Paul,
Another IT Pro gives it a “thumbs up.” Good one! 🙂
Now, if we can only convince average users to climb on board, we’ll all be better off.
Best,
Bill
Pingback: A Must Have Security Application – Secunia PSI 3.0 Final Release | Bill Mullins’ Weblog – Tech Thoughts | Paul's Internet Security Blog
Pingback: Secunia PSI: ‘Must Have’ security application » Daves Computer Tips
Pingback: Reduce Virus Infections by 99.8%? | Paul's Internet Security Blog