According to Secunia, 78% of vulnerabilities on Windows systems, are from non-Microsoft programs. These 3rd party programs have become a favorite target of hackers, and keeping all the software on your system can be quite a challenge. Enter Secunia PSI…
Secunia Personal Software Inspector (PSI) Beta is a free security scanner that identifies vulnerabilities in non-Microsoft (third-party) programs which can expose PCs to attacks
Secunia is a critical piece of software in any consumers efforts to prevent malware. In its latest beta version (3.0) Secunia offers a greatly simplified interface, and one major new feature, auto-updating. Their stated goal, ““Would your grandparents, or mum or dad, be able to use it easily?” Did they go too far, or maybe not far enough?
After downloading PSI 3.0 beta, it installs quickly and immediately begins to scan installed applications, to identify missing security updates. Scan time will vary depending on the number of applications installed and system speed. On my test system the scan took about 10 minutes, which felt slow. A handful of applications were identified, and to my surprise they automatically began downloading and installing updates for some. Others offered option to “run manually update”, or “click to update”.
In trying to offer a one-click update for 3rd party applications, the beta is absent almost every setting available in the current version of PSI 2.0. While simplified user interfaces are all the rage, at first blush it’s apparent Secunia has gone too far. Power users will be put off by lack of control, lack of logging, and no option to exclude updates. It also assumes default installation paths, and is not able to auto-update all applications. Some manual updates fail, reminding of the “beta” status.
However, in trying to create a simple interface with auto-updating, I wonder if they’ve gone far enough to keep the average users system fully patched. PSI loads at system startup, and runs as an icon in the system tray notification area. A green icon indicates all your software is up to date, while a red icon indicates outdated software that requires security patching. Many of the updates triggering the warnings require manual intervention. From my experience, average users too often ignore icons in the system tray. Others are likely to be confused by the manual, and click to update options. The stated goal of creating an auto-patching utility for grandma is not fully realized.
While companies like Adobe and Sun have made remarkable strides in auto-updating their applications, (Flash, Reader, Java) there are many other 3rd party applications that can leave your system vulnerable. As Windows, Office and other Microsoft applications become more secure–and updated automatically, these 3rd party applications will remain a favorite target of potential system attacks. The importance of monitoring these 3rd party applications for updates can’t be overstated. Secunia has traditionally offered the best option for home users. Hopefully, issues in this early beta will be resolved quickly, and final release of Secunia 3.0 is able to meet expectations.