We’ve all got software installed on our computers that accesses the Internet. It is relatively normal to be connected to the Internet every second of the day. This combination means our machines need to be super secure.
In order to appreciate why security is important, let me explain. Software is written by software developers. These software developers (like me) are only human and from time-to-time they make mistakes. It is normal for new features to be added to software at an alarming pace. The browsers war is a prime example of how several companies are trying their best to convince us to use their browser; be it Chrome, IE, Firefox, Opera or Safari. As software grows they add more and more features. The more features they add the more complex the software becomes. This complexity makes it very difficult to make sure software cannot be abuse. By abuse I mean, can a bad guy make the software behave as it was not intended. For example, imagine if you were to browse to a random site. We put a lot of faith in our browsers to do as we ask; however, if a bad guy has discovered a method to make your browser behave as it was not intended they may be able to access all the files on your computer: your emails, family photos, letters etc. This is not an exaggeration! This type of thing happens and have been given the technical labelled ‘software security vulnerabilities’. What tends to happen is that these are fixed as quickly as they are discovered and the software company ships a new version of their software: known as a security patch. The problem is how do we know that our software needs an update? The truth is the majority of use do not update unless the software we are using forces us to. Ask yourself, when was the last time you updated Adode Reader?
Applying software updates
You could manually update each piece of software by checking the relevant vendors’ website for updates, downloading the updates and apply each, one-by-one. This solution would be very time consuming and is prone to error e.g. you missed an update. The automated solution I use is a piece of software called Secunia Personal Software Inspector (PSI). This great piece of software regularly scans the software I have installed and then checks Secunia’s central database for updates. Secunia monitors the vendors; thus, the know the latest version of almost every piece of mainstream software. If PSI detects a newer version than you have installed it will then either apply the update automatically, or, alert me of the issue. Simple!
The following shows the Dashboard screen PSI displays when opened:
This shows me that I need to update nine pieces of software. I can then drill into the scan results to view which software updates I need:
As you can see, I need to run window’s update. I also need to download and update the software for Adobe Air and my HP printer. To see the details of each I can drill into each by double-clicking the item in the list e.g.
The window above informs me the exact problem with the software and conveniently includes an “Install solution” button. The ‘Online References’ section also directs me to the vendor’s site to read the related security advisory. Following the advice from PSI, I can apply the recommended updates. PSI will eventually give me a 100% rating.
Of course, this process is iterative. I would recommend you re-check PSI on a weekly basis.
To obtain a free, yes FREE copy of PSI go here: http://secunia.com/vulnerability_scanning/personal/download_psi/. Happy patching.