Must read: Why BYOD is not about to take over your office

Topic: Software

Discover

Free utility looks for missing security patches

Summary: The free tool can be used to inspect and monitor more than 4,200 different PC applications to flag dangerous software vulnerabilities.

Ryan Naraine

By for Zero Day |

Secunia has shipped a downloadable version of a free utility that scans Windows machines to find missing software patches.

The tool, an enhancement to the Secunia Software inspector (a Web-based scanner I've covered before), can be used to inspect and monitor more than 4,200 different PC applications to flag dangerous vulnerabilities.

Free utility looks for missing security patches

This is the perfect tool to help figure out whether you are running a vulnerable version of programs like Adobe Flash, Photoshop, QuickTime, Trillian, AIM or Yahoo Messenger. These applications are running on millions of Windows machines but, as previously reported, PC users struggle to keep up with patches for holes that could open doors to malicious hackers.

[SEE: Secunia: 28% of all installed apps are insecure ]

The tool works by examining files on your computer (primarily .exe, .dll, and .ocx files) for meta information on specific software builds installed. After examining all the files on the machine, the collected data is sent to Secunia's servers and matched against the Secunia File Signatures engine determine the exact applications installed on your system.

It can be used to flag insecure/end-of-life software and find direct download links to missing security updates.

Secunia said it has already licensed this technology to some anti-virus vendors so this is a feature that will likely be bundled into Internet security suites.

Topics: Software, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

9 comments
Log in or register to join the discussion

  • Serious Privacy Issue

    From the article": The tool works by examining files on your computer (primarily .exe, .dll, and .ocx files) for meta information on specific software builds installed. After examining all the files on the machine, the collected data is sent to Secunia?s servers and matched against the Secunia File Signatures engine determine the exact applications installed on your system."

    If Microsoft did this, everyone would be howling about the privacy concerns of sending a list of every program you have installed on your system. I'm _really_ uncomfortable about sending this info out. A much better solution from a privacy standpoint would be for Secunia's system to download the "Secunia File Signatures" to your local system and run the comparison locally.
    bugmenot2
    Reply Vote

    • I concurr but consider this...

      There are those that would claim that after planting a trojan, data miner or root-kit, those responsible would ideally prefer all the sensitive data processed at the calling/server end of a link. There are also those that hold the view that certain corporations in the OS creation field might be the private financiers of such ventures in a clandestine attempt to monitor unsuspecting members of the public. I - of course - couldn't possibly comment.
      thx-1138_
      Reply Vote

  • Fixing software

    Forgive my lack of expertise, but what about Big Fix? What's the difference between the two?
    eleos@...
    Reply Vote

  • Nice idea, but...

    When I downloaded and installed the program, it started trying to register itself and never finished. Think I'll wait til they get it out of beta before I download again. :p
    Ginevra
    Reply Vote

  • Secunia

    I downloaded and installed, but it wouldn't work !!
    rbyrne@...
    Reply Vote

  • If it doesn't work, why cover it?

    And why don't you come out up front and say it is a Beta? Try not to waste readers' time, either cover it appropriately or find something else to write about. While I still am willing to bother with you.
    Marcopolish
    Reply Vote

  • yeah, but

    OK. I downloaded the Secunia Personal Software Inspector (BETA) and installed it and turned it loose on my unsuspecting, insecure applications. The app does exactly what Secunia says it will do and it does a bang up job of it. It finds all the applications that are insecure and tells you what they are. It suggests you visit the websites for each of the insecure apps and download the latest version. It even supplies the links to some of them so you don't have to go open the program. That is a great thing with some nice features. Kudos to Secunia for creating such a cool tool. Fine. What it <i>doesn't</i> do (and I wish it did) is tell me how to remove the insecure, older versions of the programs which I've updated after visiting the various websites.
    Nor does the Windows installer make this an easy task, by the way: Windows uninstaller usually lists only the most recently installed versions. No help there.
    What I'd like to see (and in all fairness, Secunia has released a <b>Beta</b> version of this application, so obviously the chips are not all in just yet) is a way to remove the old, insecure, unwanted files. Preferably, I'd like a simple way for those of us who know just enough about our computers to be dangerous to ourselves. In addition, I'd like to see if I have a version of the applications discovered which IS secure already installed. That way, I would know whether I had to go to the individual websites for the most recent (and supposedly secure) version.
    Right now, the Beta is a freeware application. If Secunia added those two items, I'd be more than willing to pay for them.
    Pax,
    Nelson
    WNelWeb
    Reply Vote

    • Try Revo Uninstaller

      Revo Uninstaller will remove your old installations with or without 'software uninstallers'. It 's also advisable in most cases to uninstall older versions before installing their updates.
      Hope this helps
      tntctzn
      Reply Vote

  • Did not work right for me, why?

    Works great for a moment. In a Notebook Computer I must exit program after Computer startup then restart the software to see what is there. It has 2 or 3 false postives, Macromedia-Adobe Flash Player and McAfee Security Center are mis-identified. Takes a few day to find all software - after install does not find all software.
    troubled241
    Reply Vote
CNET Join | Log In | Privacy | Cookies Close