From wired.com: Hardly anyone runs a PC without known holes that hackers can exploit, a Danish security company reports. Of those who run the company’s free security-scanning tool, nearly half have more than 11 out-of-date programs.
Secunia Software’s Personal Software Inspector (PSI) checks programs installed on a user’s computer to see if the latest, patched version is installed. More than 98 percent of users had at least one program that wasn’t the latest version, the company found in a study of 20,000 users of its software.
Notice that the headline says “Most PCs...” I’ve always been a software minimalist and an advocate of preventative security. You know, the smug “an ounce of prevention is worth a pound of cure” kind of guy. That’s why I depend upon a pair of hardened Linux boxes for about 75% of my work on the VaultletSuite 2 Go, and on my OS X PowerBook for another 15% of my daily information gathering routine. For those of you out there keeping stats, that only leaves about 10% of my day for compatibility testing on other operating systems.
Even though I only use Windows XP and Vista exclusively in virtual machines (hosted on Linux) to test the VaultletSuite 2 Go, I’m still quite serious about keeping those disposable virtual installations squeaky clean. After all, life is short, and my clients expect my software to work everywhere; they also count on me to have an informed opinion as to how to keep them and their Windows PCs safe and secure.
So I decided to take the challenge and see just how up-to-date my two minimalist virtual Windows installations were. Good news: I scored 100% up to date on my Vista installation, and only had 1 out of date vulnerable component installed on my XP partition: the Flash ActiveX plugin for Internet Explorer.
Now, I ask you: if I am fastidious (bordering upon obsessive) about never using Internet Explorer for anything other than viewing VaultletSoft’s web pages and testing VaultletSuite applets, does that unpatched vulnerability really count? In practical terms, no. But just the same, I promptly enabled ActiveX, updated the Flash plugin, and then re-disabled ActiveX in Internet Explorer. Upon finishing that 3 minute task, I re-ran the PSI and received my expected 100% up to date gold star.
That’s squeaky clean.
And another free, easy to use tool to help you keep your computing house in order too.