Identifying vulnerable applications is a task that Secunia PSI application will handle without the need for user to visit many sources. What Secunia Personal Inspector is offering will help reduce infection or attacks caused by security holes in programs.
Usage of Secunia PSI
One method of protecting your system from malware and zero day attacks is to patch the vulnerable applications and to replace or remove programs that have reached their end of life.
Secunia Personal Software Inspector (PSI) is a tool that will audit the security patch state of software installed on a system. It will monitor your system for insecure software installations. It will also notify a user when an insecure application is installed, and even provides the direct download of the insecure version of the software.
Note that Secunia PSI will not scan the system if there is a new version of the installed software but will only scan and detect for missing security patches in Windows and thousands of third party applications.
Secunia PSI will not only scan for missing patches of Windows but thousands of software applications that are widely-use and often exploited by malware creators and online scanners if left unpatched.
Installation and System Requirements
The user can only install Secunia Personal Software Inspector (PSI) using administrative privileges under Windows 2000 with Service Pack 4, XP with SP2 or later, Windows 2003 and Vista. A connection is required to use the program to enable Secunia PSI to access theirs and Microsoft’s Windows Update servers. The system is also required to have the latest version of Windows Update Agent (WUA).
Note that if a user can access Windows Update without issue, the system has the latest version of WUA.
The installation is easy and no reboot is required to start using the program. If Secunia PSI is launched after installation, the program will automatically start to scan the system for insecure software installations.
Two modes are available in using Secunia PSI; the default is the Simple mode allowing users to view only basic patching information (Easy-to-Patch), while the Advanced mode will provide more details for technical users.
Features and Options
Secunia PSI has the following option:
- Easy-to-Patch – this option is for non-technical users. If this is enabled, the difficult to patch programs will not be displayed.
- Re-scan the system anytime
- Re-scan a particular software installation (if Easy-to-Patch option is disabled)
- End-of-Life detection for programs which vendors no longer support
- Pause and continue the scan
- Scheduled scan
- Basic and Advanced mode
- Drive or folder exclusion to scan
- Direct download of applications that requires patching
- Link to Secunia Historic advisory for applications that requires patching
- Option to report or suggest a new program that Secunia PSI has not detected
- Load Secunia PSI on Windows startup
- Program Monitoring – if this option is enabled, Secunia PSI will notify the user for any removed or installed programs. This option can only be use if Secunia PSI is set to loading during Windows start-up.
The Secunia PSI program will show the status of the system by displaying Secunia System Score, the date of last scan, the state of the programs which have 3 categories: Insecure, End-of-Life and Patched programs. A chart is also shown in the program overview to display Secunia System Score. Secunia System Score is to present the patching performance on the system each week.
On a test XP system with few third party applications, Secunia PSI has finished scanning in less than 3 minutes while the test Vista system with more than 100 of software installations, Secunia has finished scanning in 5 minutes. The program does not block the user to continue using the computer because the scan can be done on the background and provide notification on the status of the scan via its program icon on the systray. The memory usage of Secunia is too high though. On Vista system with 3GB of RAM, Secunia PSI is using 26MB of memory while it’s idle or monitoring (not scanning for insecure software installations) for added or removed programs. I suggest that users opt-out for loading Secunia PSI during Windows start-up because of the high memory usage of the program. Just remember to run a scan using Secunia on weekly basis or scan only when Secunia has updated the detection database.
Tip: To be notified on database update for Secunia, sign-up for their free reminder service. Subscribers will be notified if a database has been updated.
On the test XP system, I have installed an old version and no longer supported AVG anti-spyware v7.5. Secunia PSI v1.04 failed (see screenshot at the left) to detect that AVG anti-spyware is no longer supported by AVG Technologies. This can be reported to them so they can add on their database.
Price and Support
Secunia PSI is free for personal use. Registration is not required to use the program but needed, if a user would like to participate in Secunia forums.
Secunia PSI is highly recommended for users that want to make sure that they do not have insecure software installation. The fact that PSI supports an enormous number of commonly used applications makes it an exceptionally valuable tool. For users who rather have a program that will identify new software versions (whether the installed version is insecure or not) you can try Version Tracker, RadarSync and/or the free but currently in beta, Filehippo.com Update Checker.