Secunia reports that the typical home user running Windows is expected to patch software every 5 days on average.
"It’s completely unreasonable to expect users to master so many different patch mechanisms and spend so much time patching," said Thomas Kristensen, the chief security officer of Secunia. The result is that few consumers devote the time and attention necessary to stay atop the patching job, which leaves them open to attack.
That may be unreasonable, but unfortunately necessary. Secunia’s FREE Personal Software Inspector (PSI) can help. According to Secunia, of the users who ran PSI the last week of January, half had 66 or more programs from 22 or more vendors on their machines. PSI scans PCs to produce a list of vulnerable software. Users are then directed to the approprite vendor patch site for updates. Nearly 2 million copies of the tool have been downloaded since Secunia debuted it in 2007.
Secunia will release a technical preview of PSI 2.0 in the next six weeks which will include automatic updating functionality similar to Microsoft’s update programs. Before the end of the year, Secunia should have PSI 2.0 wrapped up. "Updating is complicated, and we need to get it out to users so they can give us feedback," said Kristensen. Although PSI 2.0 is based on technology in Secunia’s Corporate Software Inspector along with Microsoft’s Windows Server Update Services (WSUS), PSI 2.0 will remain free for consumers. Kudos Secunai!
"We want to promote patching," Kristensen said when asked why Secunia is expending resources on a product it’s giving away. People know Microsoft’s patch service, Windows Update, but that’s not the only updating mechanism they have to deal with. They have to patch Adobe software three, four times a year, and QuickTime, which is frequently exploited. That’s why we think this will make a difference."
Secunia has published a white paper that details its PSI scan findings (download PDF).
Download a FREE copy of PSI from Secunia today! Check out CSI for your company while you’re at it.