One of the ways security managers provide safe endpoints is through ensuring only patched, currently supported software runs on them. This isn't always easy, and enterprise scanning solutions can be too expensive. Sometimes, the solution is to check new images before rollout, or existing images well into their lifecycle, to verify the existence of only current, secure applications. This where Secunia's Personal Software Inspector can add business value.
Personal Software Inspector (PSI) is a free utility, downloadable from the Secunia Web site. When run on a desktop or laptop, it collects information on installed .EXE, .DLL, and .OCX files, sends it to the Secunia PSI server, and checks identified application patch and EOL status. It can also be configured to run in the background, checking new application installs for known, patched vulnerabilities.
I downloaded PSI and ran it on my test machine. The rest of this post walks through my brief test of its capabilities.
The download file was small, only about 500 KB. Once I completed the installation process, PSI immediately began a scan of my system. The scan took less than 10 minutes. Since it was running on a test system, I wasn't surprised it found something to complain about. See Figure 1.
Figure 1: PSI Scan Results
PSI found 11 applications needing patches and two that were EOL. When I closed this window, PSI displayed a completed list of my insecure programs, shown in Figure 2.
I decided to remediate Adobe Acrobat 8. PSI provides two ways to fix an insecure application. The first is to select the blue circle with an embedded down-arrow to install the missing patch. You can also click the "+" to the left of the application name, expanding the information about the Acrobat vulnerability. PSI displays a list of possible remediation actions at the bottom of the expanded information section. I chose the icon to the right of the general listing entry.
After the patch was downloaded and installed, I re-ran the PSI scan on Acrobat by clicking the green and white icon shown to the right of the application, as depicted in Figure 2. When the scan finished, I received the message shown in Figure 3.
Figure 3: Scan Success Message
There isn't much to configuring PSI. In fact, there are only three basic user-configurable settings. See Figure 4
As depicted in Figure 5, PSI also provides an overview page, including an overall system security score. My PC scored 90 percent once I patched Acrobat. The score doesn't mean much, however. A system's vulnerability- or security-level is based on much more than whether I patched an application or not.
Overall, I liked this program as a quick, inexpensive way to check new or existing images, or even my home PCs. However, it lacks the features necessary for enterprise-wide monitoring and remediation. Secunia recognizes this, and provides an enterprise product--for a fee.
Tom is a security researcher for the InfoSec Institute and an IT professional with over 30 years of experience. He has written three books, Just Enough Security, Microsoft Virtualization, and Enterprise Security: A Practitioner's Guide (to be published in Q1/2013). Before joining the private sector, he served 10 years in the United States Army Military Police with four years as a military police investigator. He has an MBA and CISSP certification. He is also an online instructor for the University of Phoenix.