Secunia PSI 3.0 can silently deploy security patches for Windows software
- 28 June, 2012 12:12
Danish vulnerability intelligence and research firm Secunia has launched version 3.0 of its Personal Software Inspector (PSI) patch management program, which can silently install security updates for a large number of software applications.
PSI leverages Secunia's vulnerability intelligence to determine if software programs installed on a user's Windows computer are missing security patches. The product is free for personal use and supports applications from over 3,000 software vendors.
The first version of the program was only capable of notifying users about available security updates and providing them with links to download them.
That changed in version 2.0, which added the ability to automatically download and silently install patches for a limited number of popular applications like Adobe Reader, Flash Player and Java.
The new PSI 3.0 extends the silent patching functionally to all supported applications. However, users can enable and disable the feature at will from the program's interface.
Secunia is able to provide a patching experience that doesn't require any user interaction or effort by encapsulating all vendor patches into a proprietary installer that suppresses their dialogs.
"Updating software is a daunting task," said Thomas Kristensen, Secunia's chief security officer, via email. Most software vendors don't provide proper automated and silent updating mechanisms for their programs, which causes many users to fail to keep up with security updates, he said.
Statistics recently gathered by Secunia from PSI users in the U.S. showed that 16 percent of the unpatched vulnerabilities detected on their computers were located in the operating system, 18 percent in Microsoft programs and 66 percent in software applications from other vendors.
Oracle's Java, Apple QuickTime and Adobe Shockwave Player were found to be the most exposed programs based on their market share and unpatched rate.
Java, which is one of the most commonly targeted applications in exploit-based attacks, was installed on 83 percent of the scanned computers. However, 31 percent of them were running an outdated version.
In order to prevent the automatic update feature from causing problems for users who need an older and insecure version of a program for compatibility reasons, PSI 3.0 allows users to create ignore rules for particular applications.
In addition to automatic updates for all supported applications, the new PSI 3.0 comes with a significantly simplified user interface compared to version 2.0 and supports five languages -- English, French, Spanish, German and Danish.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Spiceworks' free management software gets integrated MDM
NetApp FAS6240 Clustered SAN Champion of Champions
Storage systems today must match agility with diversified I/O performance to satisfy an enterprise’s changing needs. In their review, Silverton Consulting ranks the NetApp FAS6240 Clustered SAN, as an Enterprise OLTP “Champion of Champions.” Read the results of their benchmark testing and the features that impressed them the most.
Building a Better Mousetrap in Anti-Malware
This story is becoming frustratingly old. Cyber threats are continuously advancing in their adaptability speed, sophistication, and degree of stealthiness. At the same time, the exposed footprint is expanding. More business operations are moving online and end-user devices—corporate-issued and user-owned—are expanding in number and variety. A reasonable question asked by executives responsible for making decisions on their organisations’ security budgets is whether their money and resources are being spent wisely. Are their businesses buying and using the best mix of security technologies to meet their needs and obligations? Read on.
Real-Time Protection Against Malware Infection
Malware is at such high levels (more than 60 million unique samples per year) that protecting an endpoint with traditional antivirus software, has become futile. More than 100,000 new types of malware are now released every day, and antivirus vendors are racing to add new protection features to try to keep their protection levels up. Read more.