Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Security program automatically tracks down missing patches

Secunia has launched the latest version of its Personal Software Inspector

Secunia has updated its Personal Software Inspector (PSI) with the ability to silently download and apply patches from multiple vendors soon after their release. PSI 2.0 is now available in an open beta test,

Alongside the failure of security software to detect an exploit or a piece of malicious software, missing patches remain a significant reason why computers become infected with bad code. Cybercriminals are increasingly probing third-party applications to find a way to take over computers.

Secunia looked at the top 50 programs used by its more than two million users. Twenty-six of those programs are made by Microsoft, which uses an auto-update mechanism to distribute patches on the second Tuesday of the month. Of the 420 or so vulnerabilities found in those 50 programs in 2009, about 35 percent of those were Microsoft programs, said Stefan Frei, research analyst director for the company.

The rest were in third-party applications from Adobe Systems, Apple and others, which use up to 13 different update mechanisms for the remaining 65 per cent of vulnerabilities found in the 24 applications, Frei said.

Many of those applications have auto-update mechanisms, but none have uniform schedules for checking for new patches, Frei said. That leaves a window of opportunity for cybercriminals.

"This clearly shows why cybercrime is happening," Frei said. "They [cybercriminals] don't need Microsoft."

Even with diligent patching, there are "lots of users who have one, two, three apps that are not patched," Frei said.

In 2009, Secunia proposed to software vendors to create a common protocol that all vendors could use in order to get patches distributed faster. No agreement was reached, Frei said.

As a result, Secunia figured out the "secret sauce" to silently auto-update many applications in PSI 2.0. "This works for quite a few applications, and we are increasing the number of applications we can support," Frei said. "If the vendor releases the patch in a way that we can automate the download of the installation, it works."

PSI takes an inventory of applications on a person's computer and their version number. It then checks in with Secunia several times a day to see if a new patch has been released, which is the default configuration for the application although users can turn it off. Secunia recommends leaving PSI run in the background, as it is a lightweight application, Frei said.

Since PSI 2.0 was released a couple of days ago, more than 6,500 people have downloaded it and more than 10,000 patches have been installed. Most users need at least one patch. The number of downloads of PSI and patch installs was surprising, Frei said.

"We were astonished after 24 hours when we looked at the data," he said.

Secunia recorded more than 2,000 installations of patches for Adobe's Flash Player and more than 1,000 for Adobe Reader. Other most frequently patched applications from the sample set included Sun's Java JRE, Adobe Air, Irfan View, the Opera Web browser, Skype, Wireshark and the Firefox browser, according to Secunia's blog.

PSI 2.0 is free. The software is expected to come out of beta later this year, Frei said.

Send news tips and comments to jeremy_kirk@idg.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Adobe, Adobe Systems, Apple, Microsoft, PSI, Secunia, Skype
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: data protection, Desktop security, Exploits / vulnerabilities, malware, patches, Patch management, secunia, security
Latest Blog Posts
Whitepapers
  • The mobile print enterprise - How IT consumerisaton is driving anytime, anywhere printing
    The widespread adoption of smartphones and tablets, across Android, BlackBerry and Apple iOS platforms, has broadened the effectiveness of professional workers to remotely support business requirements. A continued reliance on printing amongst many businesses means IT must provide enterprise mobile printing capabilities that are secure and reliable. This not only ensures employees remain productive but also allows mobile printing to be tracked and controlled – vital in an era when many businesses face financial, environmental and security concerns. Read more.
    Learn more »
  • Essar Group - Essar Group executives enjoy printing on the move
    Essar Group’s senior management are constantly on the road. So it’s not surprising that the company has become a heavy user of mobile computing solutions to enable them to get their job done. The mobility and productivity of executives; enable them to easily print documents from any company location to any company printer using their smartphone. Read more.
    Learn more »
  • Lower Your IT Costs When You Standardize on Oracle Database 11g
    As business operations become more complex, the demand for change in IT increases, along with the associated risks that must be mitigated. Today’s IT professionals are asked to manage more information and deliver it to their users in a timely manner with ever-increasing quality of service. And in today’s economic climate, IT must also reduce budgets and derive greater value out of existing investments.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments