Saturday,
Apr
11,

A Look Inside Secunia Software Inspector

|

I've found a great tool that examines my computer to make sure that it has the latest updates of the most common software packages — not all the updates, but the security updates for the versions I'm runninng.

It's called Secunia Software Inspector, from the Danish security firm Secunia (www.secunia.com).

Secunia offers three versions of its software inspectors:

Secunia Software Inspector — scan on-line (free)
Secunia PSI — download version for personal use (free)
Secunia Network Software Inspector — the full-featured product.
Quoting Secunia's FAQ:

# What's the difference between the Secunia PSI and the Secunia Software Inspector (the online version)?

The Secunia Software Inspector identifies about 40 of the most common applications, while the Secunia PSI can identify over 4,200. In addition, the Software Inspector is run using the web browser, while the Secunia PSI is downloaded and installed.
I decided to try the online scan version " Secunia Software Inspector." In the first image below, we see several important points.

First, that a default inspection normally lasts between 5 and 40 seconds. Second, I selected the "Enable thorough system inspection" option. Third, the scan took 11 minutes and 40 seconds.

Secunia Software Inspector found two problems for me that I needed to fix. The first, in the left-hand image, was the version of Adobe Reader that I had installed (it's updated now).

When Adobe Reader 8 came out, I upgraded to it immediately. Then, I started to have problems where it hung my computer at 100% CPU use for minutes at a time (like 30 minutes, until I powered the computer off!). Once I realized the link between Adobe Reader 8 and the problem, I quickly uninstalled v8 and reinstalled v7. But, since then, Adobe released an update to v7 that fixed a security problem with it. Now, I've updated to Adobe Reader 7.0.9.

The other security update I was missing was Opera 9.25, shown in the right-hand image. This one is embarassing! Each week in my on-line newsletter, I note the updates and upgrades to some specific programs, including Opera. I knew that v9.25 was released and was a security fix, but I still hadn't installed it. I have now.

Back in the starting screen (the first image), I put a checkmark in the box that told SSI to do a thorough system inspection - to look in non-default locations for the programs...and it did.

In the next image, we see that it found an old version of QuickTime that I had left intentionally on the system. I had changed the directory name so that it could not be found in the normal location. SSI found it in the renamed directory — and warned me that the version was insecure. Then, it told me what to do to get the patch.

Similarly, the Java 1.5 version that was identified in the last image was an old version in a renamed directory. After the test, I removed it.

After doing the thorough system scan, I reran the scan without as a normal, default scan. It took 1 minute and 13 seconds. It found the Adobe Reader 7.0.8.218 version security issue and it found the Opera 9.23 version issue.

Since the other security issues were tests that I had left (programs whose directories had been renamed), the software inspector missed them as it should have done.

My final steps are to delete the renamed directories (the programs were already uninstalled, but I had saved the files for testing) and to install Adobe Reader 7.0.9 and Opera 9.24.

Give the Secunia Software Inspector online version a chance to help you, too.
http://secunia.com/software_inspector/

0 comment:

Post a Comment

 

©2009 computer technology World | Template Blue by TNB