A couple of announcements this week have brought home just how important it is to proactively defend your PC against the multitude of dangers that exist on the modern internet. This first was F-Secure announcing that the most targeted application of 2009 was, shock horror, not a Microsoft application. Less surprisingly was that fact that the gold medal winner was Adobe Acrobat. The second, as reported in the Register, was that Secunia have estimated that on average it is necessary to patch your PC once every 5 days to remain secure.
Until recently, if you had a good anti-malware package, a personal firewall (even the inbuilt Windows one) and had activated automatic Microsoft updates, there was a good chance that your PC was well protected. Unfortunately as has become apparent, the bad guys now target far more than Microsoft products and there is just too much new Malware to feel confident that anti-malware software can catch all new attacks. It seems that making sure all of your applications are patched as part of your defence strategy is more important than ever.
At this point, I am sure Linux users are feeling vastly superior as patching all applications is a fundamental part of many Linux distributions and has been for some time. Unfortunately, their numbers are not sufficient to make this article obsolete.
To address the above issues, I’ve recently evaluated Secunia’s free Personal Software Inspector (PSI). It is supposed to scan your PC, find all the applications running on it and then notify you if any of them need patching. I was pleasantly surprised to find out that it did just that and detected many applications that I thought would be too obscure for it to know about. The interface is easy to us, providing links to patches, explanations of vulnerabilities and also to a forum so that you can discuss any problems you might have. It also shows end of life products which are no longer supported. One result of a scan was for me to cleanup my PC, removing all those old applications I no longer used, especially if they were considered dangerous, which has also helped performance.
There were a few quirks to PSI that caused a bit of confusion. Google Chrome was flagged as needing to be updated, despite the correct version being installed. It turns out that Chrome leaves the last version of its code on your disk when it carries out an upgrade, presumably for roll back purposes, and this was detected as a risk. Whether the old code was accessible and exploitable by hackers was not clear. PSI also has a simple and advanced mode. Simple only displayed vulnerabilities that were easy to fix, whereas advanced included everything. This seemed a bit strange as a vulnerability poses the same risk whether or not it is easy to fix. Having spent half a day fixing all the issues flagged as advanced, I finally decided that Simple mode was probably a good thing. If you can get none technical users to fix the majority of the problems on their PC, it’s probably better than scaring them off by trying to get them to address complicated issues for which exploitation is unlikely.
I’m definitely adding PSI as part of my PC defence strategy.
Posts
No comments:
Post a Comment