The impending arrival of Service Pack 1 for Vista less than a year after the product launched has set tongues wagging across the IT industry, especially because Microsoft has made impassioned pleas to customers not to let SP1 delay any proposed deployments.
“Yeah, right,” is probably a fair summary of the industry’s response, but looking through the list of promised fixes I started to wonder about software patches and updates in general. I detest resource-hogging applets and services that sit in my system tray sniffing for updates - particularly the Adobe Acrobat updater, which seems totally incapable of downloading and installing multiple updates in the right order.
The only programs that get regularly patched or updated are those I use a lot, so how exactly do I discover the state of the dozens of long-forgotten apps on my PC? I poked around a bit and came across Secunia’s online Software Inspector tool, a great free service that scans the version numbers of all the software on your system and checks for any reported vulnerabilities or whether the software is end-of-life. It will even give you full information on what the latest versions are and where to get the patches or updates.
Secunia is probably a familiar name to many readers it regularly issues vulnerability advisories that are picked up by the press but I had certainly never realised what a batch of useful tools it offers. The latest to appear is a standalone version of the online tool called the Personal Software Inspector, which is free for home or personal use. There’s also a commercial version called the Network Software Inspector that’s just finished an open beta test, plus a whole range of enterprise solutions.
It’s all fairly straightforward stuff, relying on Secunia’s huge repository of vulnerability advisories. On my system it found several out-of-date programs such as Flash and Quicktime that I’d never even thought of updating. But there were also a few false alarms, most caused by the failure of many programs to remove all the traces of previous versions when they are updated. I ended up with vulnerabilities being flagged for about four different versions of the Java Runtime Environment, but at least the inspection tool warns you that this may happen.
Although I have had no experience of its enterprise products, Secunia at least seems to have the basics right in the freely available stuff, and that is always an encouraging start. But given that much of the software I have previously enthused about in this column has either disappeared (Aida32 ) or been gobbled up by Microsoft (Foldershare and Sysinternals), I certainly hope I haven’t given Secunia anything to worry about.
