Next version of vulnerable software inspector unveiled by Secunia

Secunia has announced the beta launch of a higher version of its Personal Software Inspector (PSI). 

The vendor of vulnerability management solutions said PSI 3.0 includes extended automatic patching and a simplified user interface; it's designed "to assist reduce the chore of keeping software programs secure and recent".

Using the Secunia Package System to present extended automatic patching, the free software removes the dependency on vendors providing silent installers. After examining the entire files at the local hard disk drive, the collected data is shipped to Secunia's servers, which match the information against the File Signatures engine, which supplies an in depth report of the missing security-related updates for the user's system.

PSI automatically performs scans every seven days in order for the newest secure versions of the software is installed. The final product is decided for release in June.

PSI is a free security scanner geared toward home computer users, and decreases the choice of programs users ought to update manually to remain secure. It automatically detects insecure programs from all software vendors and downloads and installs the desired updates with none intervention from the user.

Thomas Kristensen, chief security officer at Secunia, said: “Though the various larger software vendors have begun to offer automatic update mechanisms, we still see too many users ignoring the update requests. With PSI 3.0 we've got included silent auto updates for as many programs as possible, because we've learned that the users are not looking for to be interrupted with a view to accept and update after they are attempting to work.

“The goal is with a view to help all users through the years almost completely eliminate the update burden, by automatically installing all security-related updates for common end-user programs. We're aiming to make PSI 3.0 the best tool users have to keep all their software updated."

Morten Rinder Stengaard, director of product management and quality assurance at Secunia, told SC Magazine that PSI 3.0 is simply intended for personal users and he failed to foresee a business edition or capabilities for endpoints to be centrally managed within the final release.

“The whole purpose of the beta is to check the product, but just as importantly to get inputs from the users as to which features they want to determine within the final release,” he said.

Security blogger Brian Krebs said: “When I ran the beta version, it found and automatically began downloading and installing fixes for roughly half the apps that it detected were outdated. This system did find several insecure apps that it left alone, including iTunes, PHP and Skype; i believe that this was in keeping with user feedback.

“It also can just avoid auto-patching busy programs (all three of these applications were running on my test machine once I installed PSI 3.0); for these, PSI presents the ‘run manual update', or ‘click to update' option.”