'

Finding a software updater to replace Secunia's PSI

Now that Flexera has discontinued Secunia's Personal Software Inspector (PSI), users who want vulnerability management software to check and update third-party Windows programs are looking for alternatives. Here are two....

SUMo screen shot

KC Softwares' SUMo (Software Updates Monitor) could be a replacement for Secunia's PSI


Secunia's Personal Software Inspector 3 (PSI) has been discontinued by Flexera, which bought it in 2015. People who have been using it to update Windows programs over the past decade are now looking for a replacement - and if you have not been using a vulnerability management program like this, you should consider it.

Microsoft provides Windows Update to keep its operating system up to date, and other programs may have their own background processes - Google Chrome and Firefox are examples - or check for new versions when they are run. PSI provided a simple way to check and update a wide range of third-party programs, including ones that hadn't been used recently. This helps avoid malware attacks on vulnerable software such as Oracle's Java JRE, Adobe Reader, Adobe's Flash Player, and Apple's iTunes and QuickTime.

And you may well have more programs on your PCs than you think. My Dell desktop, for example, came with a suite of Nvidia programs that support the graphics card, the Killer Control Center and KillerDiagnostics, Waves MaxxAudio Pro, Dell Digital Delivery, Intel's Rapid Storage Technology (IAStorUI.exe) and other software preinstalled. There are some utilities that I use every day - such as Everything and FreeFileSync - but others I can easily forget, such as CrystalDiskInfo, SiSoftware's Sandra Lite, and Belarc Advisor. Some I'd completely forgotten, such as Nirsoft's USBDeview, Speccy and Spacemonger. PSI's weekly software inventory made it easy to update the programs I wanted and remove ones I no longer needed.

The pick of the half-dozen PSI replacements I've tried is KC Softwares' SUMo (Software Updates Monitor), from a French company that offers a lot of small utilities. It only found 36 programs, compared with PSI's 96, so it's not as thorough. It ignored Microsoft Office and operating system components such as .Net and Edge.

SUMo takes version numbers literally, to the last digit, but at least it distinguishes between major and minor updates. For example, it classes updating FreeFileSync from version 9.9 to 10.0 as "major" while updating the Everything file search program from version 1.4.1.877 to 1.4.1.895 is "minor". Neither is likely to make much real difference, but I generally install the major updates on software I use regularly, on the grounds that it's better to be up-to-date than not.

SUMo is free, though you have to pay for it in order to make it really useful. The free version doesn't actually install updates, it takes you to a SUMo web page that invites you to buy the program or follow a link to the program's web page. Clicking, for example, the "Download FreeFileSync" button takes you to a shopping cart where you can buy the full version of SUMo (lifetime use) for £28.86. If you consider the time involved in visiting half a dozen web pages to update various utilities, it will soon pay for itself ... as long as you buy into the idea of keeping your PC software up-to-date.

When it comes to Windows, Office programs, browsers, and vulnerable software like Java, then keeping software up to date really is important. When it comes to Winamp, Paint.net, Unchecky and lots of small utilities, it's not.

Patch My PC Home Updater screen shot

Patch My PC Home Updater can install and update more than 300 programs and utilites from Acrobat Reader to Wireshark.

SUMo's main rival is Patch My PC Home Updater, which is free. It's somewhat like Ninite, in that it installs and updates a limited number of popular programs. The advantage is that it installs updates very efficiently. (The enterprise version of Patch My PC is sold as a third-party patch management system for Microsoft's SCCM for $1 per user per year.)

The main drawback is that it doesn't cover many programs - 301 at the time of writing, with more being added - and it only finds 16 on my PC. That's a long way short of 96. On the other hand, you could argue that most of the programs it doesn't update are probably not worth updating, at least for security purposes.

Patch My PC divides its programs into 17 sections, such as Browsers, Multimedia, File Archivers, Messaging, and Developer. If you need a utility, you can find and install it quicker using Patch My PC than you can from the web. It not only saves a lot of time, it avoids having to navigate the deceptive download buttons on some sites, and there's no risk of being lumbered with an unwanted extra program.

Patch My PC also includes a scheduler, so you can set a time to scan your PC, and an uninstaller. That found dozens of things it could remove from my PC, though many of them would be best left alone. (Should things like Intel's Chipset Device Software be on an uninstallation list?)

Another option may appear later this year, in the form of VulnDetect, which is still in a pre-beta state. The company says "Rest assured, VulnDetect will become a viable alternative, and we are committed to providing a free version, for personal use."

Several of us have suggested that something much like PSI version 2 would get a warm welcome, and this seems to be the plan. However, the client software is only one part of the system. Building and curating the back-end software catalogue is the real challenge.