Rossander’s Security Reader

We’ve talked time and again about the need to keep your applications fully patched. Patches fix the holes and vulnerabilities that are specific to the programs that run on your computer.

If you already have an IT department that takes care of tracking your versions and pushing out patches to your computer, you can skip the rest of this tip. For the rest of us who have to be our own IT departments, read on.

Patching your operating system (i.e. Windows) is fairly straightforward if you use the Microsoft update features. If you don’t have Automatic Update turned on, do it immediately. You can set the updates through Control Panel/Automatic Updates. For most users, you should probably let the updates automatically install.

Patching everything else on your computer is more difficult. The average home user has 60 applications on the computer, each with its own holes and unique instructions for getting the patches. Keeping track of the applications and the needed patches is very difficult.

A friend recently forwarded me a link to an application from a Danish security company called Secunia PSI. This program (free for home users) inventories all the other programs on your computer and records the version numbers, then compares them with its own database of the most recent versions available for each program type. It gives you a report of the programs that are out-of-date and need patching or updating. For some programs, Secunia will give you a one-click icon to automatically update the software. For others, it doesn’t have a one-click option but they do their best to provide instructions and links to the application’s website.

I’ve been playing with the program for a few weeks now. When I started, I thought that I’d been doing a reasonable job keeping my computer up to date. Secunia found over a dozen applications that were out of date and quite a few that I’d thought were deleted from the computer but that were still hanging around. (Those were mostly the demo versions that came with the computer. I never used them – but the vulnerabilities and unpatched software was still there.) While none of the holes I had were life-threatening, a few were somewhat serious.

Secunia has a “simple” and an “advanced” mode. The simple mode only reported about six of the holes but they were the six that were easiest to fix. One click each took care of them. The advanced mode had a lot more information about more applications that needed fixing. It took a couple of very late nights to work all those off. But even if you only remediate the ones that show up in simple mode, you’ll be better off that you were before.

Despite the effort it’s taken to get my computer cleaned up, I’m glad that I have this new application. If you don’t use something like Secunia to keep track of your programs, make very sure you’re updating all your programs manually. Keeping your applications patched is important.