[Skip to Network Security Navigation]

Index A to ZApply NowFrom the ChancellorVisitorsAlumniPeople FinderFor the MediaFor Parentsjobs
Southern Illinois University Carbondale Home SIU Salukis
SalukinetSIUC IntranetAthleticsPublic Events CalendarWeather

[Skip to Network Security page content]

  

Secunia Personal Software Inspector (PSI)

One of the main ways for malicious users to gain control of your computer is by exploiting unpatched software. Older applications are often riddled with security holes, and it is critical to frequently update these 3rd party applications (as well as applying Windows Updates) to keep your computer protected. Updating, or patching, can be a confusing process due to poor documentation and technical complexity. Some software companies provide their applications with built-in update mechanisms, but these mechanisms are not always reliable. However, the entire process is simplified and streamlined with the use of application update notification tools.

Secunia's Personal Software Inspector (PSI) is a freeware application that actively scans your computer and compares it with its repository of updates, checking for out-of-date software. Unlike most update notifiers, PSI is skewed towards security updates instead of all patches. This means that unless an update is a critical security issue, PSI will not notify the user of an available patch. It should be noted that PSI also scans for available Microsoft patches, in addition to third-party software.

To download Secunia PSI, use this link and click the giant red button shown below.

Download Now



A window should pop up, prompting you to save the installer file. Click "Save File."

Save File



After fully downloading the installer file, an icon like the one below should pop up on your desktop. Double-click it to start the installation process.

Setup Icon



Click "Run" at the security warning.

Run



Select the language you're most comfortable with.

Language Select



The setup wizard should start, and you should hit the "Next" button to get the ball rolling.

Setup Wizard



Read the license agreement, then check the "I accept . . . " checkbox and click the"Next" button.

License Agreement



Secunia PSI is only available for personal use, so this is not for use on campus computers. Go ahead and select "Personal Use" before clicking the "Next" button.

Personal or Corporate?



If you'd like to learn more about Secunia PSI, go ahead and read the readme. If not, click the "Next" button.

ReadMe



Choose your install location. For our purposes, the default location should work fine.

Install Location?



After a short installation, you will be taken to the PSI home screen.

PSI Home Screen



Believe it or not, to start the scan of your computer for out-of-date applications, click the "Start Scan" button.

Start Scan



The scan will take a few minutes, depending on how many applications you have installed on your computer. If your computer is entirely devoid of out-of-date software, the following message will pop up.

Completed Scan



However, if there are any unpatched programs present on your computer, a message similar to this will be displayed:

Insecure Program Detected



Clicking the "View Insecure Programs" button will take you to this screen, which lists all known unpatched applications on your computer.

Insecure Programs

As you can see, I have installed an older version of Adobe Reader on my computer for this tutorial, which is a "category 4" threat. Reader is a very commonly exploited program, so it's best I fix this problem as soon as possible.



In order to  fix problems such as this, click the "Download Now" button on the right side of the screen.

Download Patch

Clicking this button will cause PSI to automatically download the necessary installer file from the vendor website in order to correctly patch the specified program. IT IS STILL NECESSARY FOR THE USER TO RUN THE INSTALLER FILE TO FINISH UPDATING THE APPLICATION.



After successfully downloading and installing the required patch, click the "Rescan" button to rescan your computer and verify the update installed correctly.

(Some updates may require you to reboot your computer after installation before the update can be detected as being installed)

Rescan Button



A window like the one below should appear.

Rescan Progress Bar



Let the process run in its entirety, and if the update has been applied correctly you will receive the message below.

The Threat Has Been Removed



On the flip side, if something went wrong and the application remains unpatched, the message will be this:

Still Insecure

If you receive the message above, I recommend visiting the vendor's site directly and downloading the patch there. If the problem still persists, uninstall the offending program and download/install the newest version from the appropriate vendor. Always rescan after making a change.



Advanced Mode


For more proficient users out there, PSI has an "Advanced" version of its interface. In the version, more settings and modifications are enabled, more information is presented about out-of-date programs, and harder to patch applications are displayed (the default PSI mode, or "Simple" mode, won't display some programs it deems too difficult to remedy by the average computer user). To toggle "Advanced" mode on, click the word "Advanced" in the top righthand corner of the home screen:

Interface Mode



The advanced home screen looks like this:

Advanced Home Screen



As shown above, there are many more options and menus in advanced mode. The "Insecure" tab displays the same page as before that lists any unpatched programs on your computer. "End-of-life" refers to any applications that no longer receive updates and  should be uninstalled from your machine immediately. Obviously, "Scan" is where you go to run a scan of your computer. The "Patched" tab will give you a screen like the one below:

Program List

A comprehensive list of completely updated programs installed on your computer is displayed, as well as their relative threat rating (according to Secunia). This page is a handy way to quickly get the version number of various programs.



In advanced mode, there are a few settings to play with:

Settings



By default, PSI starts running upon boot-up, but that option can be toggled off here. Also enabled by default is the feature "program monitoring." With this monitoring, PSI is able to perform an (almost) real-time tracking of the applications installed on your system. So, if you were to remove an old program and install a new one, PSI will alert you with a speech bubble in the system tray:

Program Monitoring Bubble

Click on the speech bubble for more information regarding the program changes.



In 2008, Secunia determined that 95% of personal computer
s were vulnerable to exploit because of unpatched software. Using PSI can greatly reduce your chance of a system compromise. Be smart, download Secunia PSI today. If Secunia PSI doesn't appeal to you, or if you are unable to install it because your computer is University property, you might want to consider Update Notifier or Secunia's Online Software Inspector as alternatives.

 

  

Index A-Z | Apply Now | From the Chancellor | Visitors | Alumni | People Finder | For the Media | For Parents | Jobs
SalukiNet | SIUC Intranet | Athletics | Public Events Calendar | SIUC Home

Comments: Webmaster

Copyright © 2006, Board of Trustees, Southern Illinois University
Privacy Policy Last Updated Thursday, December 15, 2005
Network SecuritySIUC Information Technology