Trying Secunia Vulnerability Scanning

One feature which most Unix systems possess, and that most Windows systems lack, is a native means to manage non-base applications. If I install packages through apt-get or a similar mechanism on Ubuntu, the package manager notifies me when an update is needed and it's easy for me to install them. Windows does not natively offer this function, so third party solutions must be installed.

I had heard about Secunia's vulnerability scanning offerings, but I had never tried them. I decided to try the online version (free for anyone) and then the personal version on a home laptop I hadn't booted recently.

You can see the results for the online scanner below. All that was needed was a JRE install to get these results.



The online scanner noticed I was running an older version of Firefox, and I needed to apply recent Microsoft patches. The fact that it checked Adobe Flash and Acrobat Reader was important, since those are popular exploit vectors.

Next I tried the personal version and got the results below.



This scan added more results, but only after I unchecked "Show only 'Easy-to-Patch' programs" on the Settings tab. I like that Secunia told me that my Intel wireless NIC driver needed patching. If I look for details I see this:



Clicking on the Download Solution icon took me to an Intel Web page, but at that point I needed to know what NIC driver I needed. That's why Secunia says "If you have the technical knowledge to handle more difficult programs, then we strongly recommend that you disable this setting" with respect to the "Show only 'Easy-to-Patch' programs" option.

I noticed Secunia doesn't check to see if WinSCP is patched, so I used the easy "Program missing? Suggest it here!" link to offer that idea to Secunia.

What do you use to keep the various applications installed on Windows up-to-date?

Comments

Brian said…
I have been using PSI for quite a while and have been impressed with its results. I've only recently noticed that there are some programs not being checked and I am still waiting on a response/update that includes it. It also does a pretty good job monitoring newly installed/updated programs. Generally speaking, I am very happy with it.
10:47 AM
Steve Lodin said…
I, too, have been using Secunia PSI since its first beta as one of the tools in my arsenal. It sure beats the NIST Windows Gold Disk. I don't have it running all the time in the background though.
11:19 AM
Anonymous said…
You may want to check out Appupdater, it is an interesting free option. While it's database isn't always current it offers the capability to build your own repository and populate it with custom signatures.

It's at: http://www.nabber.org/projects/appupdater/

PS- it has WinSCP ;)
12:35 PM
Brian said…
@steve lodin: I agree that it's one of the best tools in the arsenal, but I am not sure how it compares to the Gold Disk. They are two unrelated tools - one providing STIG compliance while the other checks to ensure you have the latest version of a software.
7:04 PM
Joe said…
PSI has been the most reliable tool I've used for keeping my Windows box up to date.
8:00 PM
John Ward said…
I remember years ago CNet used to offer a free tool similar to this called Catchup. They discontinued it without notice a few years after starting it. It was great. I never bothered to look for a replacement. I'll give this a spin and see how it goes.
8:43 PM
Anonymous said…
This comment has been removed by a blog administrator.
4:37 AM
Anonymous said…
It's a good product and a fantastic idea.
9:11 AM
Steve Lodin said…
@Brian

You're right, I mixed my apples and oranges.
3:08 PM
Anonymous said…
I've been a long time user of PSI and, being the family geek, I install it on every computer I touch.

While it won't automatically patch programs, it at least offers a very quick glance at what needs updating.

This is a very, very cool program.
11:37 AM
Anonymous said…
Secunia is not serios, the believe in criminal hackers mostly from arabien countries who deliver to Secunia false informations.. Thats only a marketing trick from Secunia to sale better there software.... They dont even check the informations from a crazy hacker site, named www.milworm.com based in Texas US..
5:54 AM
Anonymous said…
This comment has been removed by a blog administrator.
9:13 AM
Anonymous said…
This comment has been removed by a blog administrator.
7:59 AM
Anonymous said…
This comment has been removed by a blog administrator.
10:13 AM
Anonymous said…
This comment has been removed by a blog administrator.
11:44 PM
Post a Comment

Popular posts from this blog

MITRE ATT&CK Tactics Are Not Tactics

Image
Just what are "tactics"? Introduction MITRE ATT&CK  is a great resource, but something about it has bothered me since I first heard about it several years ago. It's a minor point, but I wanted to document it in case it confuses anyone else. The MITRE ATT&CK Design and Philosophy document from March 2020 says the following: At a high-level, ATT&CK is a behavioral model that consists of the following core components: • Tactics, denoting short-term, tactical adversary goals during an attack; • Techniques, describing the means by which adversaries achieve tactical goals; • Sub-techniques, describing more specific means by which adversaries achieve tactical goals at a lower level than techniques; and • Documented adversary usage of techniques, their procedures, and other metadata. My concern is with MITRE's definition of "tactics" as "short-term, tactical adversary goals during an attack," which is oddly recursive. The key word in the tacti...
Read more

Zeek in Action Videos

Image
This is a quick note to point blog readers to my Zeek in Action YouTube video series for the Zeek network security monitoring project .  Each video addresses a topic that I think might be of interest to people trying to understand their network using Zeek and adjacent tools and approaches, like Suricata, Wireshark, and so on.  I am especially pleased with Video 6 on monitoring wireless networks . It took me several weeks to research material for this video. I had to buy new hardware and experiment with a Linux distro that I had not used before -- Parrot .  Please like and subscribe, and let me know if there is a topic you think might make a good video.
Read more

New Book! The Best of TaoSecurity Blog, Volume 4

Image
  I've completed the TaoSecurity Blog book series . The new book is  The Best of TaoSecurity Blog, Volume 4: Beyond the Blog with Articles, Testimony, and Scholarship .  It's available now for Kindle , and I'm working on the print edition.  I'm running a 50% off promo on Volumes 1-3 on Kindle through midnight 20 April. Take advantage before the prices go back up. I described the new title thus: Go beyond TaoSecurity Blog with this new volume from author Richard Bejtlich. In the first three volumes of the series, Mr. Bejtlich selected and republished the very best entries from 18 years of writing and over 18 million blog views, along with commentaries and additional material.  In this title, Mr. Bejtlich collects material that has not been published elsewhere, including articles that are no longer available or are stored in assorted digital or physical archives. Volume 4 offers early white papers that Mr. Bejtlich wrote as a network defender, either for technica...
Read more