Archive

Posts Tagged ‘security’

Secure your PC with Secunia PSI

You’ve almost certainly already got Internet security and firewall software installed – these are obviously key to keeping safe when using the Internet. However, software which you use is also likely to contain weaknesses which are discovered and then patched by the company. These weaknesses could potentially put your computer at risk – so it’s best to avoid them. However, it’s not always easy to check whether your software needs updating. Much of it probably won’t alert you, or might only very occasionally run a check. That’s where Secunia Personal Software Inspector comes along to rescue you.

Secunia PSI will let you know of any security issues with software, and help you to easily fix them by updating or downloading patches

Secunia PSI will let you know of any security issues with software, and help you to easily fix them by updating or downloading patches.

The name is a bit of a mouthful, and my weary hands and addled mind do not want to keep repeating it; so I’ll be likely to refer to it as PSI at times here. The file size is very small – the download coming it at about 530 kb. Once you’ve installed the software and opened it, a window will pop up, which, after loading, will allow you to run a scan of your computer. During the scan PSI is sifting through all your software and checking them against its database. This database contains the versions of software, and the security issues related to them. Be patient during this phase. After scanning, it’ll then let you know if it’s found anything that needs sorting out.

It will list the software name and version; the threat rating; a link to a patch or update download; and a link to a forum for the issue. Clicking on the threat rating, which appears as a bar with a number of coloured squares within, will take you to a Secunia webpage with more information about the issue and its severity. You can click the arrow underneath the ‘Solution’ column to download patches or updates to fix the issues which it found. If you’d rather not take this route, you could manually download a newer version of the software which it’s getting upset about. Once the issues have been fixed, PSI should automagically realise this and remove it from the list. If not, simply scanning again will give it the nudge which it needs to appreciate your efforts.

There’s also the option to view the advanced interface. This looks a little bit deeper, but makes things more confusing. For example, when changing to advanced mode PSI picks up around ten threats on my desktop; but these are all from software which is more hidden away in windows folders; or the remnants of updated software, rather than installed and used applications. The advanced mode also provides links to the folders containing the software with which it finds issues, which will allow you to have a wander around and decide whether you’re willing to tamper with it or not. For most users I’d suggest not changing to advanced, as simple mode seems to provide all the functionality needed.

Secunia PSI will continue to run in the system tray even when you’re not using it. It will keep an eye out for software updates and security patches. If you install a new application it’ll check it against its database to see if there are any known security issues, and will then advise you as to updates and patches. Similarly, if issues arise with software you are running, it will diligently alert you to this, too. You can also go back and run a full scan as often as you wish – just to make sure everything’s up-to-date and secure.

Overall, a rather spiffing bit of kit. Once the first scan and update is completed, you’ll have very little else to do other than follow the updates as and when PSI lets you know about newly discovered security issues. You can download it from www.secunia.com/vulnerability_scanning/personal.

You’ve almost certainly already got Internet security and firewall software installed – these are obviously key to keeping safe when using the Internet. However, software which you use is also likely to contain weaknesses which are discovered and then patched by the company. These weaknesses could potentially put your computer at risk – so it’s best to avoid them. However, it’s not always easy to check whether your software needs updating. Much of it probably won’t alert you, or might only very occasionally run a check. That’s where Secunia Personal Software Inspector comes along.

The name is a bit of a mouthful, and my weary hands and addled mind do not want to keep repeating it, so I’ll be likely to refer to it as PSI at times here. The file size is very small – the download coming it at about 530 kb. Once you’ve installed the software and opened it, a window will pop up, which, after loading, will allow you to run a scan of your computer. During the scan it’s sifting through all your software and checking it against its database. This database contains the versions of software, and the security issues related to them. Be patient during this phase. After scanning, it’ll then let you know if it’s found anything that needs sorting out.

It will list the software name and version, the threat rating, a link to a patch or update download, and a link to a forum for the issue. Clicking on the threat rating which appears as a bar with a number of coloured squares within will take you to a Secunia webpage with more information about the issue and its severity. You can click the arrow underneath the ‘Solution’ column to download a patch or update for the issue which it found. If you’d rather not take this route, you could simply manually download a newer version of the software which it’s getting upset about. Once the issues have been fixed, PSI should automagically realise this and remove it from the list. If not, simply scanning again will give it all the nudge which it needs to appreciate your efforts.

There’s also the option to view the advanced interface. This looks a little bit deeper, but makes things more confusing. For example, when changing to advanced mode PSI picks up around ten threats on my desktop; but these are all from software which is more hidden away in windows folders, or remnants of updated software, rather than installed and used applications. The advanced mode also provides links to the location of the issues it finds, which will allow you to have a wander around, and decide whether you’re willing to tamper with it or not. For most users I’d suggest not changing to advanced.

Secunia PSI will continue to run in the system tray even when you’re not using it. I will keep an eye out for new software and new security updates. If you install a new application it’ll check it against its database to see if there are any known security issues, and will then advise you as to updates and patches. Similarly, if

Keeps tabs on changes

You’ve almost certainly already got Internet security and firewall software installed – these are obviously key to keeping safe when using the Internet. However, software which you use is also likely to contain weaknesses which are discovered and then patched by the company. These weaknesses could potentially put your computer at risk – so it’s best to avoid them. However, it’s not always easy to check whether your software needs updating. Much of it probably won’t alert you, or might only very occasionally run a check. That’s where Secunia Personal Software Inspector comes along.

The name is a bit of a mouthful, and my weary hands and addled mind do not want to keep repeating it, so I’ll be likely to refer to it as PSI at times here. The file size is very small – the download coming it at about 530 kb. Once you’ve installed the software and opened it, a window will pop up, which, after loading, will allow you to run a scan of your computer. During the scan it’s sifting through all your software and checking it against its database. This database contains the versions of software, and the security issues related to them. Be patient during this phase. After scanning, it’ll then let you know if it’s found anything that needs sorting out.

It will list the software name and version, the threat rating, a link to a patch or update download, and a link to a forum for the issue. Clicking on the threat rating which appears as a bar with a number of coloured squares within will take you to a Secunia webpage with more information about the issue and its severity. You can click the arrow underneath the ‘Solution’ column to download a patch or update for the issue which it found. If you’d rather not take this route, you could simply manually download a newer version of the software which it’s getting upset about. Once the issues have been fixed, PSI should automagically realise this and remove it from the list. If not, simply scanning again will give it all the nudge which it needs to appreciate your efforts.

There’s also the option to view the advanced interface. This looks a little bit deeper, but makes things more confusing. For example, when changing to advanced mode PSI picks up around ten threats on my desktop; but these are all from software which is more hidden away in windows folders, or remnants of updated software, rather than installed and used applications. The advanced mode also provides links to the location of the issues it finds, which will allow you to have a wander around, and decide whether you’re willing to tamper with it or not. For most users I’d suggest not changing to advanced.

Secunia PSI will continue to run in the system tray even when you’re not using it. I will keep an eye out for new software and new security updates. If you install a new application it’ll check it against its database to see if there are any known security issues, and will then advise you as to updates and patches. Similarly, if

Keeps tabs on changes

Downadup worm gets worse, says Symantec

Symantec, makers of the popular computer security software Norton, have announced that an ‘update’ to a computer worm has been detected which could affect computers who have already been infected with the Downadup (aka Conficker) worm. The original attempted to disable security software, this update sees its capabilities amplified.

Dubbed ‘W32.Downadup.C’, the files adds power to the original malicious software, giving it further capabilities to disable security software and evade detection and removal by security software. Symantec’s vice-president of security response states: “It’s more aggressive, it has more services.”

However, it has taken on more properties of a trojan than a worm, as it no longer attempts to spread to other computers by self-replicating. Currently, Symantec states that they have not yet seen the trojan spread to consumers’ computers. If the updated malware does begin to enter the consumer realm, the effects could be large, as it is thought that at least 1 in 16 computers are already afflicted by the original Downadup worm.

Adobe left the door unlocked

The past week or so has seen two critical security vulnerabilities surface in Adobe’s products. The first, discovered on the 20th February, is a vulnerability in the Adobe Reader software, used for reading PDF files by both home and business readers. Currently a malicious PDF document could run code on a computer which allows them access to the system. This vulnerability is currently ranked ‘Extremely critical’ by Secunia, the industry leader in security warnings.

Adobe Reader and Flash have both been affected by critical security vulnerabilities

Adobe Reader and Flash have both been affected by critical security vulnerabilities

Adobe Flash Player, another extremely popular and common product, was also found to have several major security issues. The alert for Flash Player was made just five days after Adobe Reader’s. However, this vulnerability is not deemed to be as dangerous since in order to be exploited the user must be physically using the computer. Nevertheless this could pose a risk in businesses, where a malicious user may exploit the vulnerability and gain access to personal information stored on the computer or network, even potentially gain privileges on the computer network in order to cause damage to the system or gain further access to sensitive information. This set of vulnerabilities creates a list of four currently unpatched and critical issues which affect Flash Player 9 and 10, Flash CS3 and CS4, as well as Adobe’s relatively new AIR product.

It is advised that users do not open PDF files from sources they do not trust. Some also suggest that alternatives are used in the place of Adobe’s Reader application – such as Foxit. Fixes for the issues are not expected until 11th March.

Vista Service Pack 2 on its way

February 28, 2009 Leave a comment

Windows KeyOh, poor Vista. It’s had a lot of bad press – it seems to be presented as XP’s younger brother who has special needs. However, Vista is a very different beast to what it was when first released: Service Pack 1 fixed many of the problems that had plauged it. Whilst nowhere near perfect, it’s much, much better than it was at its release. Like it or loathe it, it did a great deal to push Windows forward to be something more modern and user-friendly.

Now, as Vista gets ready to step aside to make way for the much-talked-about Windows 7, what is likely to be its final service pack is almost ready for release. Now in its final stages before release, developers are being allowed to sample it in an early download before its expected release in early to mid March. Blue seems to be very much a focus of the update: two of the main features added are the ability to record to blu-ray disks and support for the new 2.1 blue tooth technology. The new version of Windows Search – Version 4 – is also included, which should spell more accurate and faster searching when looking for your files. It also wraps up all previously released updates, so if you’ve missed any, you can get the whole lot at once.