Security

Free security tools: Secunia Personal Software Inspector

Making sure applications in new or existing endpoint system images are free from unpatched vulnerabilities is not an easy task. Secunia provides a free utility to help identify and quickly remediate out-of-date or EOL programs.

One of the ways security managers provide safe endpoints is through ensuring only patched, currently supported software runs on them. This isn't always easy, and enterprise scanning solutions can be too expensive. Sometimes, the solution is to check new images before rollout, or existing images well into their lifecycle, to verify the existence of only current, secure applications. This where Secunia's Personal Software Inspector can add business value.

Personal Software Inspector (PSI) is a free utility, downloadable from the Secunia Web site. When run on a desktop or laptop, it collects information on installed .EXE, .DLL, and .OCX files, sends it to the Secunia PSI server, and checks identified application patch and EOL status. It can also be configured to run in the background, checking new application installs for known, patched vulnerabilities.

I downloaded PSI and ran it on my test machine. The rest of this post walks through my brief test of its capabilities.

The download file was small, only about 500 KB. Once I completed the installation process, PSI immediately began a scan of my system. The scan took less than 10 minutes. Since it was running on a test system, I wasn't surprised it found something to complain about. See Figure 1.

Figure 1: PSI Scan Results

Figure 1: PSI Scan Results

PSI found 11 applications needing patches and two that were EOL. When I closed this window, PSI displayed a completed list of my insecure programs, shown in Figure 2.

Figure 2: PSI Scan Results Listing

I decided to remediate Adobe Acrobat 8. PSI provides two ways to fix an insecure application. The first is to select the blue circle with an embedded down-arrow to install the missing patch. You can also click the "+" to the left of the application name, expanding the information about the Acrobat vulnerability. PSI displays a list of possible remediation actions at the bottom of the expanded information section. I chose the icon to the right of the general listing entry.

After the patch was downloaded and installed, I re-ran the PSI scan on Acrobat by clicking the green and white icon shown to the right of the application, as depicted in Figure 2. When the scan finished, I received the message shown in Figure 3.

Figure 3: Scan Success Message

Figure 3: Scan Success Message

There isn't much to configuring PSI. In fact, there are only three basic user-configurable settings. See Figure 4

Figure 4: PSI Settings

As depicted in Figure 5, PSI also provides an overview page, including an overall system security score. My PC scored 90 percent once I patched Acrobat. The score doesn't mean much, however. A system's vulnerability- or security-level is based on much more than whether I patched an application or not.

Figure 5: PSI Overview Window

Overall, I liked this program as a quick, inexpensive way to check new or existing images, or even my home PCs. However, it lacks the features necessary for enterprise-wide monitoring and remediation. Secunia recognizes this, and provides an enterprise product--for a fee.

 

About

Tom is a security researcher for the InfoSec Institute and an IT professional with over 30 years of experience. He has written three books, Just Enough Security, Microsoft Virtualization, and Enterprise Security: A Practitioner's Guide (to be publish...

3 comments
rayalu_vas
rayalu_vas

there is a pc with 3 users.They want to access their pc remotely in lan network.like win 2003.

mjbdiver
mjbdiver

I don't care for this program. It considered Adobe Flash Player a security flaw and offered a link to remove the software. I removed the Software Inspector instead.

burntfinger1
burntfinger1

considers Adobe Flash to be a security flaw too :) and tells me I need to reinstall irt several times a night :)

Editor's Picks